GMER 2.2.19882 - http://www.gmer.net Rootkit scan 2016-09-24 12:26:45 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST500DM002-1BD142 rev.KC44 465,76GB Running: 8oh989nu.exe; Driver: C:\Users\szef\AppData\Local\Temp\uxlyraoc.sys ---- Threads - GMER 2.2 ---- Thread System [4:388] fffff802700d2f50 Thread C:\WINDOWS\system32\csrss.exe [680:752] fffffe64d4416c20 Thread C:\WINDOWS\system32\svchost.exe [564:7876] 00007ffc415530f0 ---- Services - GMER 2.2 ---- Service System32\drivers\dtsoftbus01.sys (*** hidden *** ) [SYSTEM] dtsoftbus01 <-- ROOTKIT !!! ---- Registry - GMER 2.2 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control@LastBootShutdown 0 Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemStartTime 0x25 0x04 0x62 0xA3 ... Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemLastStartTime 0xDB 0xAB 0x25 0x62 ... Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFStartTime 0x25 0x04 0x62 0xA3 ... Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFLastStartTime 0xDB 0xAB 0x25 0x62 ... Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\BootLanguages@pl-PL 22 Reg HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\SAM02ADH9FQ463945_11_07D8_A1^8D1EB2BE60886BB0629CC57DFFE99E2D@Timestamp 0xB7 0x3C 0xB8 0xA4 ... Reg HKLM\SYSTEM\CurrentControlSet\Control\Lsa@LsaPid 844 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Executive@UuidSequenceNumber 2710599 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed -1715872019 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BootId 22 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BaseTime 484766669 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime 14119 Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID 12b834a9-ce1a-4bed-b1e4-bcd9412 Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\AITEventLog@FileCounter 1 Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\WdiContextLog@FileCounter 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\BITS\Performance@PerfMMFileName Global\MMF_BITS31c93ed5-34e0-4209-83bc-b1adadddc1ad Reg HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\Probe\{e1ea1844-98ac-49a0-a733-984485eddc17}@LastProbeTime 1474715501 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@AdapterStatus 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@client 0x41 0x3B 0x13 0x40 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@mask 0xF2 0x4F 0xE2 0x64 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@Type 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@Start 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@ErrorControl 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@Tag 33 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@ImagePath \SystemRoot\System32\drivers\dtsoftbus01.sys Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@DisplayName @oem0.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@Group SCSI Miniport Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@Owners oem0.inf? Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit0 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit0@data 0xC0 0x2A 0x32 0x72 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit1 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit1@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit10 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit10@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit100 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit100@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit101 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit101@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit102 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit102@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit103 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit103@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit104 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit104@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit105 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit105@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit106 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit106@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit107 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit107@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit108 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit108@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit109 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit109@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit11 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit11@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit110 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit110@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit111 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit111@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit112 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit112@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit113 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit113@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit114 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit114@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit115 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit115@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit116 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit116@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit117 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit117@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit118 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit118@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit119 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit119@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit12 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit12@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit120 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit120@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit121 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit121@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit122 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit122@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit123 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit123@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit124 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit124@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit125 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit125@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit126 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit126@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit13 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit13@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit14 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit14@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit15 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit15@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit16 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit16@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit17 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit17@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit18 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit18@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit19 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit19@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit2 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit2@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit20 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit20@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit21 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit21@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit22 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit22@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit23 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit23@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit24 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit24@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit25 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit25@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit26 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit26@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit27 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit27@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit28 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit28@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit29 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit29@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit3 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit3@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit30 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit30@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit31 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit31@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit32 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit32@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit33 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit33@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit34 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit34@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit35 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit35@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit36 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit36@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit37 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit37@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit38 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit38@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit39 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit39@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit4 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit4@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit40 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit40@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit41 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit41@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit42 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit42@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit43 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit43@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit44 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit44@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit45 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit45@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit46 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit46@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit47 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit47@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit48 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit48@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit49 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit49@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit5 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit5@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit50 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit50@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit51 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit51@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit52 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit52@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit53 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit53@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit54 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit54@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit55 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit55@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit56 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit56@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit57 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit57@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit58 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit58@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit59 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit59@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit6 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit6@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit60 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit60@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit61 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit61@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit62 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit62@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit63 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit63@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit64 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit64@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit65 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit65@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit66 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit66@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit67 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit67@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit68 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit68@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit69 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit69@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit7 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit7@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit70 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit70@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit71 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit71@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit72 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit72@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit73 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit73@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit74 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit74@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit75 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit75@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit76 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit76@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit77 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit77@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit78 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit78@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit79 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit79@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit8 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit8@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit80 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit80@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit81 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit81@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit82 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit82@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit83 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit83@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit84 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit84@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit85 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit85@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit86 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit86@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit87 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit87@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit88 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit88@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit89 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit89@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit9 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit9@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit90 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit90@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit91 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit91@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit92 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit92@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit93 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit93@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit94 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit94@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit95 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit95@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit96 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit96@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit97 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit97@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit98 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit98@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit99 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit99@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01 Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Diagnostics@ReadyBootTrainingCountSinceLastServicing 13 Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@LastBootPlanUserTime ?sob.?, ?wrz ?24 ?16, 11:13:44????????????????????????????????? Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 1867 Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 336 Reg HKLM\SYSTEM\CurrentControlSet\Services\srvnet\Parameters@MajorSequence 21 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{fb0b464f-00cd-448d-ad7d-4b6235565add}@LeaseObtainedTime 1474708294 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{fb0b464f-00cd-448d-ad7d-4b6235565add}@T1 1474711894 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{fb0b464f-00cd-448d-ad7d-4b6235565add}@T2 1474714594 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{fb0b464f-00cd-448d-ad7d-4b6235565add}@LeaseTerminatesTime 1474715494 Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0x10 0x5F 0x19 0x5F ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0x10 0xC7 0xDD 0xC0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0x10 0xF7 0x54 0xFD ... Reg HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt\Parameters@ServiceDllUnloadOnStop 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Object List 13424 13430 13440 13450 13470 13514 13524 13562 13568 13584 Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Last Counter 13590 Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@Last Help 13591 Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@First Counter 13424 Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance@First Help 13425 Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ... Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{99b9c8df-aebb-11e4-a98e-10bf487245f0} Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{99b9c8df-aebb-11e4-a98e-10bf487245f0}@Drive Type 1048593 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{99b9c8df-aebb-11e4-a98e-10bf487245f0}@IsImapiDataBurnSupported 0 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\StagingInfo\Volume{99b9c8df-aebb-11e4-a98e-10bf487245f0}@Active 1 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\OpenWithProgids@DAEMON.Tools.Lite Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice@Hash ureA3+zp2Vw= Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice@ProgId AppXqj98qxeaynz6dv4459ayz6bnqxbyaqcs Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shutdown@CleanShutdown 1 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\PushNotifications\wpnidm\5adbdace Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\PushNotifications\wpnidm\5adbdace@FileExtension jpg Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\PushNotifications\wpnidm\5adbdace@Url wpnidm:http://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBwzbMr.img?w=204&h=100&m=6&tilesize=wide&ms-scale=100&ms-contrast=standard Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\PushNotifications\wpnidm\5adbdace@FileName C:\Users\szef\AppData\Local\Microsoft\Windows\Notifications\wpnidm\5adbdace.jpg Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run@DAEMON Tools Lite "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce@Report C:\AdwCleaner\AdwCleaner[C11].txt Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search@JumpListChangedAppIds Chrome?{6D809377-6AF0-444B-8957-A3773F02200E}\CCleaner\CCleaner64.exe? Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@Chrome 0xCD 0x5E 0xD5 0xC2 ... Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@{6D809377-6AF0-444B-8957-A3773F02200E}\CCleaner\CCleaner64.exe 0xE9 0x7F 0xAA 0x8E ... Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{3A2C4EBB-85E3-4CB5-A620-ED60118889EE}@LastAccessedTime 0x10 0xB1 0xA7 0xDA ... Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{3A2C4EBB-85E3-4CB5-A620-ED60118889EE}@LaunchCount 5 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{DA580014-98C7-48BE-8180-910718F02A13}@LastAccessedTime 0x90 0x19 0x70 0xB7 ... Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{DA580014-98C7-48BE-8180-910718F02A13}@LaunchCount 10 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{F9683E1A-9595-440F-9111-522D3B993969}@LastAccessedTime 0xE0 0x28 0x63 0xD9 ... Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{F9683E1A-9595-440F-9111-522D3B993969}@LaunchCount 12 Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance@MessageTime 0x4C 0xDF 0x50 0x36 ... ---- EOF - GMER 2.2 ----