GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-07-12 11:44:59
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST9500325AS rev.0002SDM1
Running: jfnkdt99.exe; Driver: C:\Users\ADMINI~1\AppData\Local\Temp\kxriafoc.sys


---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwSaveKey + 13C1                                                                                                               8384D339 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                                                      83886D52 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text           C:\Windows\system32\DRIVERS\lirsgt.sys                                                                                                      section is writeable [0x9B9B1300, 0x1B7E, 0xE8000020]
PAGE            spsys.sys!?SPRevision@@3PADA + 4F90                                                                                                         B3C52000 290 Bytes  [8B, FF, 55, 8B, EC, 33, C0, ...]
PAGE            spsys.sys!?SPRevision@@3PADA + 50B3                                                                                                         B3C52123 486 Bytes  [D5, C4, B3, FE, 05, 34, D5, ...]
PAGE            spsys.sys!?SPRevision@@3PADA + 529A                                                                                                         B3C5230A 142 Bytes  [C4, B3, 3B, 08, 77, 04, 3B, ...]
PAGE            spsys.sys!?SPRevision@@3PADA + 5329                                                                                                         B3C52399 101 Bytes  [6A, 28, 59, A5, 5E, C6, 03, ...]
PAGE            spsys.sys!?SPRevision@@3PADA + 538F                                                                                                         B3C523FF 148 Bytes  [18, 5D, C2, 14, 00, 8B, FF, ...]
PAGE            ...                                                                                                                                         

---- User code sections - GMER 1.0.15 ----

.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[1660] kernel32.dll!SetUnhandledExceptionFilter                                          76D93D01 4 Bytes  [C2, 04, 00, 00]

---- Devices - GMER 1.0.15 ----

Device          \Driver\ACPI_HAL \Device\000001ca                                                                                                           halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device          \Driver\BTHUSB \Device\000001f7                                                                                                             bthport.sys (Driver til Bluetooth-bus/Microsoft Corporation)

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                                                                      fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                                                                      fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\BTHUSB \Device\000001f9                                                                                                             bthport.sys (Driver til Bluetooth-bus/Microsoft Corporation)

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                                                                                      fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \FileSystem\fastfat \Fat                                                                                                                    fltmgr.sys (Microsoft Filsystem Filterstyring/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Bind    ????ab????????????X??????d??????6-21-2006???????DE??Net??????????????.???e???????????????????????????&??Net?????????????????????11???????????????????????????????????????????????h?????? ,??????Root\*6TO4MP\0018???????????????????????????????????????? ???????????????????3????????"???a?????????????????????????????????????????????Root\*6TO4MP\0017???????????????Microsoft???Microsoft???????????? P??????4?????50???11??????? ???????0???????????d??????????????????\\?\Root#*6TO4MP#0016#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{E98D48A6-11B5-48A3-9BEB-2AB571121589}??????????????????????????????????????????????f????????????????????????????????????????`?????????????*6to4mp??????????????}???e??????AP??????????????????????????????????????????????ls????$??????????????????????%??????????11?FD ??\\?\Root#*6TO4MP#0015#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{2E088C97-76D1-4730-A5FE-46A6C7B6E6D1}???????????????X??????n??????????????????????????????t???????????????s?????$?????????????????Root\*6TO4MP\0019???????tunnel???????????y?
Reg             HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Route   ????????? ?????????????????????1????????????????????????????? "?????????????????ndis5_ip6_tunnel????????????????????????????????6.1.7600.16385???????????????????????????????????F??????2F??????????????????????????? ?????????????????????,?????????????????f????N??????8?????D?"??{00000000-0000-0000-FFFF-FFFFFFFFFFFF}?{5A??? ???????1?????????????,????????$???<???????????????????????????????92??? ?????????????????????,????????z?????#B88????$??????8???????4??Root\*6TO4MP\0182?????z??????4??????F-??\\?\Root#*6TO4MP#0182#{cac88484-7515-4c03-82e6-71a87abac361}?}??? ???????1?????????????,??N?????$???<???????????????????????????????1C??? ?????????????????????,????????????'????????????????????}????????????$??????3???????D??Root\*6TO4MP\0182????????????-??????F8??\\?\Root#*6TO4MP#0182#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{D973F9D2-4B38-48B6-9C54-88E0688C8F6E}?97??????? ?????????????????????,?????????????????f??{00000000-0000-0000-FFFF-FFFFFFFFFFFF}?T\*??Root\*6TO4MP\0183???6-21-2006???? ???????:?????????????:???????????
Reg             HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Export  ????????????????????Microsoft???????????????4E?????????????????{?????????????z????????????????????????????????????????????????????????(LAN-forbindelse* 112?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????@Microsoft 6to4-netv?rkskort #104??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002243c97d5d                                                                 
Reg             HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Bind                                                                            ????????????????????????????????????????????? ???????S?????etB???????????????????????????????????~???????????????????v???e???????????u???e??nettun.inf???????????????M???????????????|???????e???????????????????????????????|???3??s-??.NT??????????????f??????????????????Net?????????????? ??!????_?????481???????????????????????????????????????????????????r??v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\system32\svchost.exe|Svc=RPCSS|Name=@FirewallAPI.dll,-30007|Desc=@FirewallAPI.dll,-30010|EmbedCtxt=@FirewallAPI.dll,-30002|???v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=policyagent|Name=@FirewallAPI.dll,-30003|Desc=@FirewallAPI.dll,-30006|EmbedCtxt=@FirewallAPI.dll,-30002|????????z??????????#???Net?????????????????????ru??Microsoft????????????0??s???v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMa
Reg             HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Route                                                                           ????????????????????????? ???????u?????u?????u????????*????? ???????????????????????????????s4??? ???????u?????u??????????L??????????????????????{????N??v?????????n?????????y???????????????????|???|??????????????t???????????????????????????????Net??t??????????????????????????????????@%systemroot%\system32\wkssvc.dll,-1000???????b??v?????????n?????u?u?v?v?v?u?u???????????????u???????e??? ???????u?????u??????????V?????????&???????????????????????????????????????????? ???????u??????????????????????????+??????????????????????0?????????{??????????????????????ReadyBoost???????????{??System32\DRIVERS\RDPCDD.sys??????????u??????p??????|??????????????????????m?????? ???????u????????????????L??????????????????m???u?u?u???u??? ???????u???????????u??????????????&????????????????????v??? ???u???P??????d0??????????????? ???????u???????????u??????????????&???????????????????????? ???u??????????d???????????????????????OT??? ???????u???????????u??????????????&????????????????????P??? ???u??????????d_???????????;?????????????
Reg             HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export                                                                          ????????{4d36e972-e325-11ce-bfc1-08002be10318}\0019?????????????????????????????????????? ?????????????????????-??????$????????????????/?/???????????/???????????/??????????? ?????????????????????,?????????????????f??? ?????????????d???????1??L????????? ????????6??? ?????????????f???????1????????????&???????????????????? ??? ?????????????????????1????????????????????????????? ???????????????????d?1????????????????????battery.inf:Microsoft.NTx86:AcAdapter_Inst:6.1.7600.16385:acpi\acpi0003?????????????? ?????????????????????1????????????????????? ???????????????????d?1????????????????????????????????????????? ?????????????????????1????????????????????? ???????????????????e?1????????????????????????????? ?????????????????????1????????????&???????????????????????? ?????????????????????1????????????????????? ???????????????????e?1?????????????????????????????????????????e??????????????????? ?????????????????????1????????????????????? ???????????????????e?1?????????????????????????????7??????????????????10??6.1.760
Reg             HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Bind                                                                       ?????7??????????????????????????{5175d334-c371-4806-b3ba-71fd53c9258d}??????????t????????????????_??????s???*6to4mp?????????????????????????????????Microsoft 6to4-netv?rkskort #16?0c??Microsoft 6to4-netv?rkskort #25?????? ???????l???????l??????16???????????u?????s????????s???? ?????????????????????*??"?????z????????????????????2?????s-4??????????????6-21-2006???????????????????????????????????Z????????????????????????????? ?????????????????????????????????????????????????????????????$???4????? ??????? ????H???????????????????? ?????????????????N?????? ?????D?????????????????????|???e??????????tunnel??????6-21-2006???????#????$??????????????????????????????int?????????????????????????? ???????????????????????????????r???????????????L???????????????_???????????????????_??????????0.0.0.0?????? .?????????????????epsonstylus_dx380035be?????????????????????p?????????????????????????????????r???????????????h??????????????????????? ??????????????s???? ??????????????????06/21/2006???????????????????????????????s??? ?
Reg             HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Route                                                                      ??????????X??????????t??????????????OO?????????????????????????????????????e????? ????????????????????????????????????m??????????????????????????????????????????v??????\\?\Root#*6TO4MP#0017#{cac88484-7515-4c03-82e6-71a87abac361}????????????v2.10|Action=Allow|Active=FALSE|Dir=Out|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\wudfhost.exe|Name=@FirewallAPI.dll,-30503|Desc=@FirewallAPI.dll,-30506|EmbedCtxt=@FirewallAPI.dll,-30502|???volsnap.inf??-???? ??t???t??????????? ???????????????t??{E450257C-D7D6-49C0-80D8-2451748F9259}???t??? ?????????????????????1????????????&???????????????????????? ???????????????????t?1??????*?(??? ????????t??Netv?rksadresse?????????????????????????????Root\*6TO4MP\0017????????????????t??? ???????U?????????????,????????$???<???????????????????????????????TA??????#???????????? ??????????????ol??? ???????????????????s????????"?????????????????????????????text?????????????? ??????????e??? ?????????????????????*??"?????z???????\L???????????n??????????? "?????????????????? ???????|?
Reg             HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export                                                                     ?????=?????????????g????v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=fdphost|Name=@FirewallAPI.dll,-32789|Desc=@FirewallAPI.dll,-32792|EmbedCtxt=@FirewallAPI.dll,-32752|?=??v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-29507|Desc=@FirewallAPI.dll,-29510|EmbedCtxt=@FirewallAPI.dll,-29502|??????%SystemRoot%\servicing\TrustedInstaller.exe?????\SystemRoot\System32\drivers\vga.sys????Net?????????????*6to4mp???????X??????S??????v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|RPort=5358|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-32815|Desc=@FirewallAPI.dll,-32816|EmbedCtxt=@FirewallAPI.dll,-32752|????????????????????????????ServiceMain??????????z???????????????z??????????????????????????*6to4mp??B???????????????z??????????????v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|RPort=5355|RA4=L
Reg             HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Bind                                                                                 ????????????s???????????????72???????t??????????????s????????e??????????????????Microsoft???????? ??????????? ?????????????????????1????????????&???????????????????????? ?????????????????????1????????????????????? ???????????????????@??????????`????????e??{26A729AB-5945-4ADD-B374-295DA25AA003}??v???\Device\{26A729AB-5945-4ADD-B374-295DA25AA003}??ta??? ??????????????????08??? ??????????????????????????????N???????????Driver til Microsoft 6to4-netv?rkskort?4fc??????????????????? ??????????????????????????????"??? ???????????? "?????????????????ndis5_ip6_tunnel?????? ?????????????????? ???????????????????????????????????????4??Netv?rksadresse?????????????? ???????:???????????{?:????????????&????????????????????=???????????n?????e].??Microsoft 6to4-netv?rkskort?????Microsoft???? ??????????????????? "?????????????????ndis5_ip6_tunnel?????????????e??2-???????????????h??????????? ?????????????????????-????????????????????????????? ??"?????????????????@?????????????{4??Microsoft 6to4-netv?rkskort #34?8}?????????????
Reg             HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Route                                                                                ????????*6to4mp??????????????B??int?la?????????????????e??????z?????????????????????????? ?????????????????????*??"?????z?H?????37??*6to4mp?????????????????????????? ?????????????????????1??L????????? ???????56??? ?????????????????????1????????????&???????????????????????????????? ?????????????????????1????????????????????????????? ?????????????????????1????????z???????????nettun.inf:Microsoft.NTx86:6to4mp.ndi:6.1.7600.16385:*6to4mp?c??????????? ?????????????????????1????????????????????????????? ?????????????????????1????????????&???????????????????????? ?????????????????????1????????????????????????????? ?????????????????????1????????????????????????????? ?????????????????????1????????????????????? ?????????????????????1?????????????????????????????6??????6.1.7600.16385??????????????????????????????????????*6to4mp?????? ?????????????????????1????????????????????? ?????????????????????1????????????????????????????????????????????????????????????? ?????????????????????1????????????&???????????????????????? ?
Reg             HKLM\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage@Export                                                                               ????FF??\Device\{35DD709D-5FB5-401F-88AC-482BB716A727}??????? ??????????????????????????????N??????i????Driver til Microsoft 6to4-netv?rkskort??????? ??????????????????????????????"??? ??????-BB??? "?????????????????ndis5_ip6_tunnel????? ??????????????????????????????????????????? ?????????????????????????????? ????????????????? ???????????c?????Netv?rksadresse?D ???????????????????? ??????2??9-??? ?????????????????????????????? ????????1???? ??????d????cp6_???????????9???t???????????4??C4??? ???????U?????????????,??N?????$?j?<???????????????????????????????4-??nettun.inf??????? ???????*?????P\0??????? ?????????????????????,????????????'????????????????????}??? ?????????????????????-??????????????????????s894??? ?????????????????????1????????????????????6to4mp.ndi?3B6??Microsoft???? ???????U?????????????,??N?????$?k?<???????????????????????????????12??6to4mp.ndi???????????????*??O4??????????? ?????????????????????,????????????'????????????????????}??Microsoft 6to4-netv?rkskort #105?1??????????????????6-21-20
Reg             HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Bind                                                                                   ??????????????????z??????7??????"{????????????????????????????????????????????????*??????o???t???????????????t????N??????d??????????? P??????D?????10}????$??????B???????"??????????tunnel???????????????B????????????$?????????????????? ???????????????????B??Root\*6TO4MP\0133????????????????????0???h????z??????0??????"???tunnel???????????* ?????????d????i???????i???????????k???????l???????????k???????????????t???p??ei??e???????????????????11????????N??????d???????????????????????????????????????????i???t??????????Type????? ???????????????????}?1??????*?(??? ???????? ??????Y???????????????LAN-forbindelse* 89??????????????_??????????????V?????????????????$??????I??????????ROOT\*6TO4MP\0080??????????????????d?????????????????????????????)%??I??? ??????????????????????????????N??????i????? ???????????????????????????????????????=??? ?????????????????????????????? ????????????N??Type?????? ??????5????csc=??Netv?rksadresse?28???? ??????x????crew??? ???????-?????|????{426C438A-F8AB-4D0B-A0F1-6B32D8A36C52}??????? ?????
Reg             HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Route                                                                                  ????????? ?????????????????????????????? ????????????s??????1-???? ???????????c?????Netv?rksadresse?????? ?????????????????????????????? ???????????????????????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{944F4008-9178-4D36-A3BF-D76E4B9C43FF}] DATAGRAM 235??????????????????????????N?????????????????nettun.inf?_{4???????????????????????????????????????????D??93????????????N??????d???????????????????_??nn???????????????????B???????????????????????????????????d???????????????????????????????????1???e????N??????4??????Driver til Microsoft 6to4-netv?rkskort?A8A??????????????? ??????????????????????????????"??? ??????F9E??? ???????{?????47E??tunnel?1-A??? "??????9?????"?"??ndis5_ip6_tunnel?-??? ???????????????????????????????????????9??????????????? ?????????????????????????????? ????????????9???? ??????-????c995??Netv?rksadresse?26???????????????????? ??????2??0A??????????? ?????????????????????????????? ???????}"??Type????????{00000000-0000-0000-FFFF-FFFFFFFFFFFF}?0-4??? ?????????????????????,????????z?????#D2-????$????
Reg             HKLM\SYSTEM\CurrentControlSet\services\NetBT\Linkage@Export                                                                                 ?????????????????????????????z???????e??????16???????????????t??@nettun.inf,%6to4mp.displayname%;Microsoft 6to4-netv?rkskort????@nettun.inf,%msft%;Microsoft????????????????????????????????????????????16??@nettun.inf,%msft%;Microsoft?t??*6to4mp?????????????????????????????? ?????????????????????1????????????&????????????????????T??? ?????????????????????1????????????????????? ?????????????????????1????????????????????????????????????? ?????????????????????1????????????????????? ?????????????????????1?????????????????????????????u???????????????v??????6.1.7600.16385??????? ?????????????????????1?????????????????????????????3??????????? ?????????????????????1????????8?????????????????????????????8?????????????Microsoft 6to4-netv?rkskort?????????????? ?????????????????????1????????????????????? ?????????????????????1?????????????????????????????0??1???????????????????nettun.inf??????????????? ?????????????????????1????????????????????????????????????? ?????????????????????1???????????????????????????????????????
Reg             HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Bind                                                                                     ??????????`??????}???{??????????????????????? z??????????????????????????r??????????????? ??? ???????????????????y????????"???????????????????????????????????????X??????n??????????????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{F7884E79-BF0E-4312-ABD5-39197ECD221A}] SEQPACKET 255???????????????????????? ????$??????d????????????:??????A?gF-??int?????? ???????????????????y????????"?????????????9-???????????B??????97???????????A?????? 2??????? ???????r?????ess??????????????t???????????? z?????????????`???????????????????????????Root\*6TO4MP\0267???????11??????Root\*6TO4MP\0266?????????????????????X??????n??????????????? ???????????????????y????????"???????????????????N???????????D?????????????*6to4mp?????? P??????C?????}"?????N??????n????D* 1??*6to4mp??????????????????????????????????? ??????????e??{4d36e972-e325-11ce-bfc1-08002be10318}?iDE??? ????????????????????????????$?N?H?????????????????????????????????????{4d36e972-e325-11ce-bfc1-08002be10318}\0071???????????????????????????N?????????????????{7588E4F3-8274-404A
Reg             HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Route                                                                                    ????)???????????????????????????b?????:??????f??b???6to4mp.ndi???????????????B??????? ?????????????????????,????????z?????#?????? ???????|???????????o?:????????????&????????????????????A???????????????????????? ??????????e??? ???????@????????????????????$?N???????????{FDD6179F-0978-44F1-B4FB-2DE6ED5D68D7}???????????????????????????????????????5????????????$??????0??????????ROOT\*6TO4MP\0135???????????????????????????????????????????? ???????6?????D48???????????????c???????6???????????0??????53??? ???????e??????ni??6.1.7600.16385?-4E???????????5???????9??? ???????????????????????? ?????????????? ?????????????????????????????? ????????????? ???????????c??????????????????t??????????????????int??????????????????e??tunnel????????N?????????????Driver til Microsoft 6to4-netv?rkskort??????? ??????????????????????????????"??? ???????????? ??????????????????tunnel??????? "?????????????????ndis5_ip6_tunnel????????????????????????????????????????????*6to4mp?????? ?????????????????????-????????????????????????????? ?????
Reg             HKLM\SYSTEM\CurrentControlSet\services\Smb\Linkage@Export                                                                                   ????????????????int?el???? ??????d????c??0??????????????????????Root\*6TO4MP\0126????????????????????y????????z?????????????? 8??????0??????????Type????????????? ???????|???????????l?:????????????&????????????????????b??????????????????????????? ?????????????????????1????????8???????????@nettun.inf,%6to4mp.displayname%;Microsoft 6to4-netv?rkskort? ??? ??????????????????????????????`????????e??? P??????E??????\D??{0632C305-18A9-4597-A8A4-EB79F682068D}??9}??????{00000000-0000-0000-FFFF-FFFFFFFFFFFF}??????? ???????1?????????????,????????$?I?<???????????????????????????????? ??? ?????????????????????,????????z?????#?? ??????#???Root\*6TO4MP\0068?????z?????? ??????????\\?\Root#*6TO4MP#0068#{cac88484-7515-4c03-82e6-71a87abac361}?B??? ???????1?????????????,??N?????$?I?<???????????????????????????????AC??? ?????????????????????,????????????'????????????????????}????????????$?????????????????Root\*6TO4MP\0068???????????????????????????\\?\Root#*6TO4MP#0068#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{0B499062-0711-4C97-8F
Reg             HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Bind                                                                                  ????????????????????? ???????i??????????? ???????|???????????l?:????????????&???????????????????????? ??????????????????????????????????????MSAFD NetBIOS [\Device\NetBT_Tcpip6_{6735B4CB-B6F1-4B7E-99B7-F51719CBA2F7}] DATAGRAM 255? ??MSAFD NetBIOS [\Device\NetBT_Tcpip6_{D8BEFA59-B714-479D-92D2-0DD50C733807}] SEQPACKET 255???MSAFD NetBIOS [\Device\NetBT_Tcpip6_{D8BEFA59-B714-479D-92D2-0DD50C733807}] DATAGRAM 255????????S???????????????????????? ???????|???????????l?:????????????&????????????????????4??? ???????E?????DBB???????????5?????e09??MSAFD NetBIOS [\Device\NetBT_Tcpip6_{33F745D1-CE49-460A-B71D-1F81A6D69715}] SEQPACKET 255????????????????e???????????r?????????????????????????????e? ??11?ata????z??????0??????D-????????N??????y??????? ???????|???????????k?:????????????&???????????????????? ??MSAFD NetBIOS [\Device\NetBT_Tcpip6_{33F745D1-CE49-460A-B71D-1F81A6D69715}] DATAGRAM 255?7??Root\*6TO4MP\0111???text?t??? ???????|???????????n?:????????????&????????????????????B???????????e?????e_T??? ???????|?????????
Reg             HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Route                                                                                 ????????????????????????????????????????????????????????????????nettun.inf?4?5?????????????????????????????????s????????????????????????? P??????a??????????????????6-21-2006???????????????????????????6to4mp.ndi??13????????????????????????????????????????N????????????D????? z?????????????????????????????????????????????????????? ???????A??????????????????????????????????????????? ??????????????????????Microsoft???????s????????????????&??*6to4mp??????????????????????s???????$??????int?_{????N??????d???????W????????????????????m??????????????????m?p???p???????????????????????????????????????????????????????????????????????????????????????????????????????e?????k???????????????????g????????m???????????????????????m?????tunnel?7C2??? ????????????????????????????"?????????????????????????volsnap?????*6to4mp?7}???????????????????????????0????????m?????C:\Program Files\Microsoft Office\Office12\WINWORD.EXE /IMG_WIA?B2??? ???????a?????????????5????????????&????????????????????8???????????E??30??Internal?6?????????????
Reg             HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Linkage@Export                                                                                ?????????????????y???????y??????????????????????????? ??????????????????????????????"??? ??????ABE??{36fc9e60-c465-11cf-8056-444553540000}??????volume_snapshot_install?????????????? ???????????????????????????????????????0??????????????? ?????????????????????????????? ????????????{??? ?????????????????????1????????????????????????????????? 0?????????????????1.0.0.17????? ?????????????????????????????? ???????Ne??? ???????@????????????????????$?N?2?????????????????????? ???????????????????????????B??? ???????@????????)???????????.???1?????????{2AC8F195-9DCD-49EE-8B5D-53A99CE5BC44}??????? ??????????????????????????? ???????????????????????1???????2??????????????????????PCI\VEN_1969&DEV_1063&SUBSYS_18201043&REV_C0\FF7CC557002618FF00???????Z????????????d????????????????????????????1???????????????????pci\ven_1969&dev_1063&subsys_18201043&rev_c0?v??????3????c??????4E???? ?????????????????????????????3????D???????????n??? ??0???????????????? ??0????i?????7EA??????????????????? ?????????????????????1???????????????
Reg             HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Bind        ???V49???????V??? ???????????????????#??? ???V??? ????? ? ??????????? ???????V???????;??????????????????????????????????????????????????????????????g???????????????????????e???????? ??? ???V??? ????? ? ??????? ???????V??? ??? ???????????????????V??????e???? ?????????????????????????????????????L???????????????????????????????V????????????????????????????? ???????[?[?[?[?\???V?V?V??????????????????????? ???????V??08a0f27833??????????????????????????????????????????????????????????????????????????????????????????????bg??????????????????????????????? ?????????V?&??????????????????? ??????????????g????V???V?V?V??????????? ??????????????????????????????????????????????? ?????????????V?????@????"??? ????? ???????????????????????????????? ???????V?????V???????,??????????????????s?????? ???????V???????????V?,?????? ?????????????????????????????????????????????????????? ??????????????r???? ???????V?????V?????V???????????????????????????????????????????n?????????????????????V???V????? ???????V???????????V??????????*??
Reg             HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Route       ???V????????????????????????????? ???????[?[?[?[?\???V?V?V??????????????????????? ???????V??08a0f27833??????????????????????????????????????????????????????????????????????????????????????????????bg??????????????????????????????? ?????????V?&??????????????????? ??????????????g????V???V?V?V??????????? ??????????????????????????????????????????????? ?????????????V?????@????"??? ????? ???????????????????????????????? ???????V?????V???????,??????????????????s?????? ???????V???????????V?,?????? ?????????????????????????????????????????????????????? ??????????????r???? ???????V?????V?????V???????????????????????????????????????????n?????????????????????V???V????? ???????V???????????V??????????*????????????????????????????r????*??V??????????????New Hardware Profile??????????????????????????????????e??????V?V?V?V????? ???????V???????????V?,????????N????????????????????????????r????"??V??????????????Undocked Profile????ch????????????????????e??????????????,???,???V?V?V?V?V??? N??V??????????d???{e29ac6c0-7037-11de-816
Reg             HKLM\SYSTEM\ControlSet002\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6B683E0E-1505-488C-8053-3C1301924246}\Linkage@Export      ???Z????mnmsrvc??????Z?Z?Z???? ??Z???????????e??PnrpHelperClass???????J??Z?????????n????%SystemRoot%\system32\Pnrphc.dll,901?????Z?Z????? ???????Z???????????Z?,????????F? ??????????????????Z???????????e??RAHelperClass?????F??Z?????????n????C:\Windows\System32\msrahc.dll,400???????Z?Z????? ???????Z???????????Z?0????????N??????C??????N??Z?????????n????%SystemRoot%\system32\RPCNDFP.dll,5000???????????Z???????????e??RPC??????Z?Z????? ???????Z???????????Z?,????????T??????N?????????Z???????????e??WcnHC?????T??Z?????????n????%SystemRoot%\\System32\\wcnnetsh.dll,1000????Z?Z????? ???????Z???????????Z?,????????H?????????c???????H??Z?????????n????%SystemRoot%\system32\fphc.dll,5002???????$??Z???????????e??FilteringPlatform????Z?Z????? ???????Z???????????Z?,????????N?????????????0??Z????????????????N??Z?????????n?????Z??????????????AutoConfig Helper Class?????%SystemRoot%\system32\WLanHC.dll,20001???????Z?Z???????Z???Z???Z???Z???Z???Z???Z???Z???Z???Z?=?Z???Z???Z???Z???Z???Z???Z???Z?D??????????????????????????????????ms_
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002243c97d5d (not active ControlSet)                                             
Reg             HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Bind                                                                                ???m????????????umbus????k??? ???????k?????????????-??????????????????????s?????? ???????k?????????????,?????????????????f??? ???????k?????k???????1??L????????? ??????????????k???k???k????????? ???????k?????k???????1????????????&???????????????????????? ???????k?????k???????1????????????????????? ???????k???????????k?1???????????????????????????????????????k???k?????k??LDDM Graphics Subsystem??????k?k?k?k????s???NdisWan?????? 0??k??????????????usbhub?4????? ???????k?????k???????1?????????????????????k??????????? ???????k???????????k?1????????????????????CompositeBus_Device??????????k???D??ic??.NT?????? ???????k?????k???????1???????????????????????k???k???k????????? ???????k???????????k?1?????????????????????????????????????????k???????????k?k???????k????? ???????k?????k???????1????????????&??????????????????????????k???k????? ???????k?????k???????1????????????????????? ???????k???????????k?1????????????????????root\compositebus????k?k?????????????????3???k?????k????? ???????k?????k???????1???????????????????
Reg             HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Route                                                                               ???s?????????????m????X??????????????????????v????????m???????*??n?????????????n????Epson???????????????????????5574????????????{00000000-0000-0000-ffff-ffffffffffff}????????N??m????????D?????{4d36e96c-e325-11ce-bfc1-08002be10318}???????????????????????????????m???0??e2??????25???????????k?k?m?m?m?m?l?l?k?m?m????N??n?????????D?????????????????????? ??k??????p??????????????????????????????????m????? ???????m?????????????,?????????????????f??????????? ???????m?????m???????1??L????????? ???????? ?????m???m????? ???????m?????m???????1????????????&???????????????????????? ???????m?????m???????1????????????????????????????? ???????m???????????m?1?????????????????????????????????????????m??????????ksfilter.inf:Microsoft.NTx86:MSPQM:6.1.7600.16385:sw\{ddf4358e-bb2c-11d0-a42f-00a0c9223196}??????m?mnf?????m????? ???????m?????m???????1?????????????????????????????m??? ???????m???????????m?1?????????????????????????????????????????m???????????m?m?m?????m????? ???????m?????m???????1???????????????????????m???m???m???????
Reg             HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Export                                                                              ???t?????????y???????y??????????System32\drivers\hwpolicy.sys????????????????????????????|??????????????????????? ???????s?????s???????????????????? ?????? ???????s????? ???????s???????????????????????????????????????????s??? ???????s???????? ???????????r?p??? ??????????????????????X???(??????P????????????(??????P????????????????????????X???(??????P????????????(??????P??????????????????????6??F:????l??s???h??????????/\?????????????X???(??????P????????????(??????P??????????????9p??s???,???????????????????????????????P?????????????\???(??????P??????????????????? ???????????????????<??s????????h???????D??s?????????????????????????????0???(??????P???????????????D??????o??????????????se???s?s?s?s?s???????s????????????0??s???????????????????????????????????????????'0??s???,???????????????????/???????????????????????????;????H??s???:???????????l?s?v???u?????s???s???????s???????????????4?????????? ???????????????????H??s???a???????/?????????????4?????????? ???????????????????l??s???:????????????????l??s???2?????????
Reg             HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Bind                                                                           ???t?l???????o???l??????????????????st???????k???????e???l??? ???????k???????????l?,??????????T? ???????E?????????????????????(??l??????????ms_agilevpnminiport??????l?l?????????????????????????l??????????Microsoft????l?l?l???????????????????????????????????l?lLe??{4d36e972-e325-11ce-bfc1-08002be10318}\0008???????X??????0???0????N??y?????????e?????l???????1??{4d36e972-e325-11ce-bfc1-08002be10318}??????????????????????? ???????k?????l?????l?,??????????U? ???????????? R?????????????????? ???????l???????????k?,????????P?????????????N??l??? ????D??????????0???l?????l?&??? ???????k?????l?????l?,??????????q??????????T??? ???????l???????????k?,????????N???????\v???????k???3??s???{00000000-0000-0000-FFFF-FFFFFFFFFFFF}??????{4d36e972-e325-11ce-bfc1-08002be10318}\0002?? ????d??????0?g?0??????????????? ???????k?????l?????l?,??????????W? ???????Dt??? L??????C?????NP0??? ???????l???????????k?,????????\????????????????k???????e?????????????????????l?&??{8ECC055D-047F-11D1-A537-0000F8753ED1}???&???????????????????????l?????
Reg             HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Route                                                                          ?????????????k??????s???@%systemroot%\system32\drivers\afd.sys,-1000????? ???h????????????????N??m?????????D?4???????k??????????LegacyDriver??????N??k???o????D?????mssmbios??????N??l???????????1????X??n???4???0??WPD?6_???????k???e??s????????????D???E????N??n???????????????????????i?k?k?k????ss??? b????????????????????????????????????????????k?&??? ???????k?????k???????-??(???????????????????s??????k?k????? ???????k?????k???????-???????????????????????????????k????? ???????k?????????????-?????????????????????y?????k????? ???????k?????????????,?????????????????f???k?k????????? ???????k?????k???????1??L????????? ???????? ?????k???k???k????????? ???????k?????k???????1????????????&???????????????????????? ???????k?????k???????1????????????????????? ???????k???????????k?1????????|?????????????????????????????|??k???????2??hal.inf:GENDEV_SYS.NTx86:ACPIAPIC_HAL:6.1.7600.16385:acpiapic????k?k???????k????? ???????k?????k???????1????????????????????????????????? ???????k???????????k?1?????????????????????????????????e?
Reg             HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Export                                                                         ?????s??? ???????s???????? ???????????r?p??? ??????????????????????X???(??????P????????????(??????P????????????????????????X???(??????P????????????(??????P??????????????????????6??F:????l??s???h??????????/\?????????????X???(??????P????????????(??????P??????????????9p??s???,???????????????????????????????P?????????????\???(??????P??????????????????? ???????????????????<??s????????h???????D??s?????????????????????????????0???(??????P???????????????D??????o??????????????se???s?s?s?s?s???????s????????????0??s???????????????????????????????????????????'0??s???,???????????????????/???????????????????????????;????H??s???:???????????l?s?v???u?????s???s???????s???????????????4?????????? ???????????????????H??s???a???????/?????????????4?????????? ???????????????????l??s???:????????????????l??s???2??????????el??? ???????s???????????s??????????????????????????????0????????????????p???????????????????? ?????????????????????????????????????????????????? ???????o??????????????????????b??????????????????????g???????????????
Reg             HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Bind                                                                                     ???l?????????????t??????Le????????????N??m?????????D????????????????s????????{???|??????-9???l?l?l???l???l???????????????l?l?l???l???l???l??@machine.inf,%rdp_kbd.devicedesc%;Terminal Server-tastaturdriver??????X??m???0???C???????l???????????l??? ??????????????x???machine.inf:GENDEV_SYS.NTx86:RDP_KBD:6.1.7601.17514:root\rdp_kbd?????????l???????????????????a??.i???l?l????? ???????l???????????l?-??????????????????????s?????? ???????l?????????????,?????????????????f??? ???????l?????l???????1??L????????? ??????????????l???l???l????????? ???????l?????l???????1????????????&???????????????????????? ???????l?????l???????1?????????????????????????s??? ???????l???????????l?1?????????????????????????????0???????????????p??Tcpip??Win?????l????? ???????l?????l???????1???????????????????????l???l????? ???????l???????????l?1?????????????????????????????????????????l???????????l?l???????l????? ???????l?????l???????1????????????&??????????????????????????l???l????? ???????l?????l???????1????????????????????? ???????l?????????
Reg             HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Route                                                                                    ???ts??????????????????????3??????????????????????m??y??*6to4mp??v???????????t?gru??? ???????t???????????t??????????N????????????r??? 2??t??????????????\Device\LanmanRedirector??????4??t??????????Microsoft Windows Network?????N??t?????????e????@%systemroot%\system32\wkssvc.dll,-102????????F??t?????????????????t?????t??????????????????????????t?????????????????????????????????????????P??t????????h?????\SystemRoot\system32\DRIVERS\MegaSR.sys?cy???????t??????p???SCSI Miniport?????P??t???????????d??megasr.inf_x86_neutral_30b367f92ca46598??????t?t?t?t?t?tev???????|??Klassedriver til mus????@%SystemRoot%\system32\drivers\mountmgr.sys,-101????@%SystemRoot%\system32\FirewallAPI.dll,-23092????k?k?t?t?t?s?t???????|??????p???????????????p?????<??t????????h???????8??t????????h??????????????????????????????????|?|????????????%SystemRoot%\System32\ntlanman.dll??????? ???????t???????????t????????0?B??? ???????????? B??t??????????????%SystemRoot%\System32\wkssvc.dll?????????????????????????????????????????????????d?????????
Reg             HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Export                                                                                   ???t?????t?????t?????t????????????????????????L??t????????h?????\SystemRoot\system32\drivers\mpio.sys?????$??t??????p????t?t?t?t?t?t?t??? ???????t?????t?????t?????????????? ????????????????????????e??? ???????t???????????t????????(????????????????????????????????????????????????????????????t????? ???????t???????????t????????????????????????????????????5????????t???t????? ???????o?????t?? ??t????????$?p???????S?????L??t?????????e????@%systemroot%\system32\mmcss.dll,-100?????Z??t????????h?????%SystemRoot%\system32\svchost.exe -k netsvcs?????t?t?t????L??t?????????n????@%systemroot%\system32\mmcss.dll,-101???? ???t??????????????LocalSystem??????t?????t????????????????????????????????????t???ServiceMain????????? ???????????????????????????????? @??t????????????????p??t??????????????????SeIncreaseBasePriorityPrivilege?SeImpersonatePrivilege????????,??t???????????????????????????????????????t?t?t?t?t?t?t?t?t?t????? ???????t???????????t????????,?@??? ???????????%SystemRoot%\system32\mmcss.dll??????????t?????????n???
Reg             HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Bind                                                                                       ???l?u???z?z?z???????????????????????????k??????s??????????????????????l?&??{8ECC055D-047F-11D1-A537-0000F8753ED1}?tem???????????????????????????????c???b???????k??????s????????o??? ???????k?????k?????k?,??????????>? ???????B????????k???0???????l??? ???????k???????????k?,????????P????????????????????l????N??k????????D??????l?????k?&??{8ECC055D-047F-11D1-A537-0000F8753ED1}??????Security Processor Loader Driver??????b??s?????????e????LegacyDriver?e???????p???????k??????????????????????LegacyDriver?1??TCP/IP Registry Compatibility???y????l??? ???????k?????k?????k?,?????????????????????0??LegacyDriver?????l??? ???????k???????????k?,????????P???????????LegacyDriver??????N???????????Dyst?????k?&??LegacyDriver????Tcpip????????????l???????~???????????-??????Network?????Volume?etB??WinUsb?????????? ??????????s????{8ECC055D-047F-11D1-A537-0000F8753ED1}???????????o??volsnap?2C???????o??????p????l?????l?&??? ???????k?????k?????k?,??????????@??????????0???  ??k?????????0????? ???????k???????????k?,????????P?????????????N
Reg             HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Route                                                                                      ???t?????????z??????? ???????o???????????t??????????L????????????????o?????????e????????????????t?????????????????????????????????????????????????2??v????????h???????6???????????h??????????????y???????????????????????t??? ???????o???????????t?,????????^???????M????????u??????????????t????????????????????y?????????????g????????????? ???????o???????????t??????????\???????????@%systemroot%\system32\wkssvc.dll,-1007??????????????????????????????y????`????????????e??????<??t????????h??????k?k?p?p?t?p?t???????????????????????? ??k??????p????????????&??text???????????????????????????t???????????????????????????????????g????????????????????????????????????????? ???????o?????t?????t????????$???????????????\??t?????????e????@%SystemRoot%\system32\FirewallAPI.dll,-23090????? ??t??????p???NetworkProvider???????v??t????????h???????\??t?????????n????? 4??t???????????????t?t?????t??????????????%SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork??????@%SystemRoot%\system32\FirewallAPI.dll,-23091???NT Authority\LocalS
Reg             HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Export                                                                                     ?????????t??? ???????o???????????t?,????????@???????????????????????????????????????????????????????t????????????????z???t??? ???????t???????????t????????<????? ??????????????????????????e?????????????????????????e??????????????????????????????? ???????o???????????t??????????b???????????system32\drivers\msahci.sys??????????????????????????o???????????e????N??????????????d??????????????t???????????????t???t?????X??????????t??????????????????@%systemroot%\system32\wkssvc.dll,-1004???????8??|?????????e?????????u?u????????????????t??????????????????????????????????????t?????????z??????? ???????o???????????t??????????L????????????????o?????????e????????????????t?????????????????????????????????????????????????2??v????????h???????6???????????h??????????????y???????????????????????t??? ???????o???????????t?,????????^???????M????????u??????????????t????????????????????y?????????????g????????????? ???????o???????????t??????????\???????????@%systemroot%\system32\wkssvc.dll,-1007??????????????????????????????y????`????
Reg             HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Bind                                                                                         ???o?????????v???????|???????v???????t??system32\drivers\atapi.sys???????????k???,?????e???????????????????????? ~???-???????????,????????????????????m?????DiskDrive???{6bdd1fc6-810f-11d0-bec7-08002be2092f}?043??????????????t?????P??t?????????n?????n???o??FSFilter Bottom?????File System???????<??t????????h??????t???s???????????|???????u???????~????????????m??????????n?????n????? ???????n???????????n?-??????0??????????????????????????????4???????????4???????????????????????????n?n???????n????? ???????n?????????????,?????????????????f?????n?????o??? ???????n?????n???????-??L????????? ??????e:u?????n???n???n????????????????? ??vi????.??n???????9???n??? ???????n?????n???????-????????????&???????????????????????? ???????n?????n???????-????????????????????? ???????n???????????n?-????????.???????????USB2.0 1.3M UVC WebCam???????n?n???????n????? ???????n?????n???????3????????????&????????????????????????o?o?????o??? ???????n?????n???????3????????????????????? ???????n???????????n?3?????????????????????????????3??UV?
Reg             HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Route                                                                                        ???p?v?????{?????????????????|???????????r?r???????p?????p??Boot File System?????????????????n??????????????t?????"??p??????p????????????C??????AF???????????r?r????? ???????o?????p?????p??????????Z?2???????????????????????????????????????????????T??p????????h?????\SystemRoot\system32\DRIVERS\BrFiltLo.sys?????Z??p?????????e????Brother USB Mass-Storage Lower Filter Driver?????????p??????p???extended base????p?p?p?p?p?p?p????T??p???????????d??brmfcsto.inf_x86_neutral_39ae61431a44cded???? ???????p???????????p??????????,??? ?????????????,??p???????????s??/GR=OFF /TO=10 /OW=30???? ???????o???????????p??????????Z?3?????????????????????t?????????????????????????????????????????T??p????????h????????p???p??????Z??p?????????e???????p?????p??????????????\SystemRoot\system32\DRIVERS\BrFiltUp.sys???Brother USB Mass-Storage Upper Filter Driver?????????p??????p???extended base????p?p?p?p?p?p?p????T??p???????????d??brmfcsto.inf_x86_neutral_39ae61431a44cded???? ???????o?????p?? ??p??????????Z?3??????r????P??p?????????e????@%s
Reg             HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Export                                                                                       ???l?v??????????????????s??????????????????s??????N??n??? ?????D?4??USBAAPL?14??????po????t??????4?g????????????????????????????????LegacyDriver?e???????n????N??l??? ????D?????????????????????????s???????????????32?????l?&??LegacyDriver??????N??l??????????????LegacyDriver????6320?????????????l??? ???????k?????l?????k?,??????????J??????????????????????????????l??? ???????l???????????k?,????????N????????????????????????????????????????????4?????l?&???????&???l??{8ECC055D-047F-11D1-A537-0000F8753ED1}?4????? <??k???????????????}?|?|???????l??????s?????X??l???????e???t?}?}???|??????s ???????k??????p????????????????????????????????????????????l??? ???????k?????l?????k?,??????????K??????????1???????l??????? ???l??? ???????l???????????k?,????????N???????00??????????????????????LegacyDriver?-?????l?&???????????????????????????v???????l??????????????????????????????????????????????USB??????}?|?p?????}?????q?m?????k???????l???????????????????????????~?|????????-8???????h??????s????l??? ???????k?????l?????k?,??????????L
Reg             HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Bind                                                                                      ???k?u??????1-???????????????????????????????k??? ???????k?????k?????k?,???????????????????P????????????????????????? ???????k?????????????,????????N???????????System???????????????????????????????????????D???????k???k???k???j?k?k?k????s???usbhub?/???????k?&???????k???????????????k???s??s????????l???\??sn???????k???s??s????k?v?v??????????????s???????????NDIS?~???????????D??????\q??? ???????k?????k?????k?,???????????? ????????:???????k???????f???k??? ???????k???????????k?,????????P????????????????????D?????s\a??usbhub??????PNP_TDI????????k?&???????????D?????s\v??usbhub?4?????????????????????????m?m????LegacyDriver??????Z??p?????????e?????z?z?v???k??LegacyDriver??????d??l?????g?????i?k?k?k?k?k?k?????? ????????????????i?j?k?k????????PEAUTH?l p??s???????????USB??????????y??USB??????????????????????z?z?y??????????????????????????????s?????X???????????????X??m???&???&????*??k??????????? p??n?????????0?????????????????????????????k???,?????????????????????k?&???k??? ???????m?????m?? ????,??"?????l???7??????????????
Reg             HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Route                                                                                     ???v?v???????u???????????&???h??11???????????????????????????B???????????B??????????????_n??@%systemroot%\system32\drivers\RDPENCDD.sys,-100?????????|???v????X??????????t???????????B??????????????????? ???????v???????????s???????????????????e???????????????????????????p???????????u?????????e????????????system32\drivers\rdprefmp.sys????????{????6??v????????h??????????y?????v????mshome.net???????????????v??????????????????????????????????????p??????v????? ???????o?????????????,????????P????????p???????????????????????????????y???9???????? ??v?????????e????@%systemroot%\system32\srvsvc.dll,-102???????????????????y???????y?????????P??????N??y?????????n????????????????????????t????????v???????????????????????????????v???????v???????????????|??? ???????o??????????????????????P???????s????????????????????????????????????????????????????????????v???????????B???????????v???????????????????????????????????{??System32\DRIVERS\srv.sys????System32\drivers\tcpip.sys??????????????????FC???W???????????????????????????????:?
Reg             HKLM\SYSTEM\ControlSet002\services\TCPIP6\Linkage@Export                                                                                    ???v?????????????????????????????{???v???v???????????????5??Security Processor Loader Driver?????????????????????????????????v??????????????????6-21-2006???????????????????????????????t???????? ???????v???????????u???????????????????e???????????e??e-???????????2???0??@%systemroot%\system32\srvsvc.dll,-103???????????v???????????????s???????}???????????_???????{??ProfSvc_Group?????????????????????m??&??????????????????????t???????????hc?????v????? ???????o?????v?????v?0????????J???????s?????J??v?????????e????@%SystemRoot%\system32\samsrv.dll,-1??????4??v??????p???MS_WindowsLocalValidation??????v??????@??v????????h?????%SystemRoot%\system32\lsass.exe???????J??v?????????n????@%SystemRoot%\system32\samsrv.dll,-2????RPCSS???????? ???v??????????????LocalSystem??????????????????????????????v??????????????????????t??????? ????????????v?v?v?v?v?v?v?v?v???????v???????????e??? ???????v???????????v?0????????????????????????????0????????????????`???????????????????? ????????????????????? ???????????????????? ???????o?????

---- EOF - GMER 1.0.15 ----