Gmer Log
It doesn't feel right with all those question marks on the log. Please let me know if I need to redo it. Thanks.
GMER 1.0.15.15627 - http://www.gmer.net
Rootkit scan 2011-05-17 18:19:27
Windows 6.1.7600
Running: uemjkx87.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001f81000250
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001f81000250@0016415e3134 0x4C 0x18 0x13 0x4D ...
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\6To4\{E34795C0-74C1-4058-81B3-465A2DF34445}@InterfaceName 6TO4 Adapter
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\6To4\{E34795C0-74C1-4058-81B3-465A2DF34445}@ReusableType 0
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001f81000250 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001f81000250@0016415e3134 0x4C 0x18 0x13 0x4D ...
Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Route ?????????????????????????????-??s5??????????????????????? ??????????????????????????????Microsoft 6to4 Adapter????????X??????????t??? ?????????????????????0?????????????????????????????m??t%??Microsoft????????????????e???????????????t???????l??? ???????????????????z?????????? ???????48??????????????????????????????????????????????????? ?????????????????????????????? ????????????????? ?????????????? ?????????????????????????????? ???????B6???? ??????4????c?ce??? ?????????????????????????????? ????????????-??? ?????????????????????????????? ???????ro???? ???????????c?????????????????????? ?????????????????????0??????????????????????????????????????????????????????????.?????????????????? ?????????????????????0????????????????????text??????2Local Area Connection* 56????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????4Microsoft 6to4 Ada
Reg HKLM\SYSTEM\ControlSet002\services\NetBIOS\Linkage@Export ?????????????????&???????????????????????????????&???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????&x?????????????????????????????????????2-??????h???????C?????????????????????????"?????????????????????????keyboard.inf_amd64_neutral_423c286802951189?????????Microsoft???????h???????&????????????????????????????????????????????????????&??????????????????????????????cpu.inf_amd64_neutral_ae5de2e1bf2793c3????????r???????????????????????????????????????????????????????????????????????????????r???????????????????????????????????????????????????????????????????????????E??????????????????????????????????????????????????????????????????????j?k??@??????s????????????????????????????????0?????????????????????ec???&??????????????????????????????Microsoft Composite Battery Driver???????&???????1?????
Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Bind ???f?l?????f???g?????f??????????????? ???????f???????????e?0????????????????????machine.inf:GENDEV_SYS.NTamd64:NO_DRV_PIC:6.1.7600.16385:*pnp0000????????f???????????f?f???????????????????????f????? ???????f?????f???????0????????????????????*pnp0000????? ???????f???????????f?0?????????????????????????f?????????????????????????????????????f????? ???????f?????f???????0???????????????????????f???f???f??sor???? ???????f???????????f?0?????????????????????f?f?????f?f????machine.inf??????f?f10?????f????? ???????f ????f???????0????????????&??????????????????????????f???f????? ???????f?????f???????0????????????????????? ???????f???????????f?0????????????????????6.1.7600.16385??????????????????????Microsoft??????f????? ???????f?????f???????0?????????????????????f?fS???t???? ???????f???????????f?0??????????????????????D??f???????????????????????????????f?????????????????f????? ???????f?????f???????0????????????????????NO_DRV_PIC??????????? ???????f???????????f?0????????D???????????Programmable interrupt controller??????
Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Route ????????Net?????????????????t????????|???????????????????????????????????????????????????????????????????????o???????????c??????????????????Net?????????????Local Area Connection* 230? Ad??*6to4mp??0??????89??Microsoft???tunnel??????@%systemroot%\system32\drivers\hwpolicy.sys,-102?????????????????????????????j??????????????????? ???????}???????????????????????????????????h????????????????????????????????$??????e???????e??Root\*6TO4MP\0038?????z??????e???????e??\\?\Root#*6TO4MP#0038#{cac88484-7515-4c03-82e6-71a87abac361}?e??? ???????1?????????????,??N?????$?)?<???????????????????????????????????? ?????????????????????,????????????'????????????????????}????$?????????????????Root\*6TO4MP\0038???????????????????????\\?\Root#*6TO4MP#0038#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{4D15299A-9449-48B0-B7CB-B44F1989642E}?????? ???????:?????????????:??????????l?&???????????????????????? ?????????????????????????????????e?????????????v??????11??????????? ?????????????????????0????????????????????? ?????????????????????0???
Reg HKLM\SYSTEM\ControlSet002\services\NetBT\Linkage@Export ?????????????????????l??????vi???? ???????????c??&????X??????-???8???????????.???g???p?p?????????o???????????????????????????????????t??????text????????????? ???????U?????????????,????????$???<???????????????????????????????????????????????????????????????????????????????? ?????????????????????,????????z?????#?????*6to4mp??2??LocalSystem??"????`???????????????????????8?????????????16??????????????????????#???? ???????Z?????????????0??????????I?&???????????????????????? ?????????????????????0??????*?6??? ????????????????????l??????????????????????????? ??????????Local Area Connection* 148??"?????????????<???????????h?????????????0-??????????@netavpna.inf,%mp-agilevpn-dispname%;WAN Miniport (IKEv2)???tunnel?o?????????????7?????s-9??????vi??disk.inf??????????????6??????r??ri??(????s???????i????N??????A????DDev??????85??t????????????????????9?????????????a9}???????????????????"Smb" "Tcpip6" "{D9CC9143-98B3-492E-8DDC-854BE096BB79}"?"Smb" "Tcpip6" "{1E6348A8-7A63-4110-8B92-FBF61D0BF3D9}"?"Smb" "Tcpip6" "{7F4D6F87-
Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Bind ???h?t?????h?????????????????????????????y???g?h????? ???j????????????????X?????? ?????????g????@machine.inf,%pci\ven_8086&dev_2448.devicedesc%;Intel(R) 82801 PCI Bridge - 2448? ??? ???j????????????????N??????2????D0????Net?? ????N??l????????D??4???????????h??? ???????h????????????????????????????????????s?????? ???????h???????????????????????????????f???????????h??? ???????h?????g???????0??L????????? ??????????????g???g???g????????? ???????g?????g???????0????????????&????????????????????8???????f???????????h??????????????C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\HDAudio.sys,-203??Au??? ???????g?????h???????0???????????????????????h????? ???????h???????????9?0????????????????????4&156aa809&0????????????????????udfs???????h????? ???????g?????h???????0????????????&???????????????????????? ???????h?????h???????0???????????????????????h????? ???????h???????????g?0???????????????????????????????????????????????????????????????h????? ???????g?????g??????????"????????
Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Route ???s????\SystemRoot\system32\drivers\iaStorV.sys? ???????s??????p??????????????????s?????s??SCSI Miniport?????V??????????????d???????????!???e????@??????p?????ees???????v???t?t?t??McAfee Inc.???????????????????????????R??s????????h????????????????g?????????????????????????????????s??os??t????t?t????? ???????s???????????q????????&????? ??????????????????????????????e????? ???????n?????s?? ???????????$?????????c???@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193????????s????????h????????? ??????????????????s????"%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"??????????s?????????n???????????????????????s?????s??@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8192???? ???s??????????????LocalSystem??????????s???+???????????s?????????e????????????????????????????????????t???????????????t????s???????????????????????????????????????????????s?????????????????
Reg HKLM\SYSTEM\ControlSet002\services\Smb\Linkage@Export ???t?t???????t?????????????????????t?????????????t???????????????????????,?????????d??????????????????????????????????2??t????????h?????? ???????t?????????????,???????????? ??????????????t????? ???????n??????????????????????V???????????????????????t???system32\drivers\MSPQM.sys??????????????????????????????????????t????????{?????????????????????????????t????11?175??system32\drivers\rdprefmp.sys???????????????????Microsoft?????(?????????p????????????????o??@%SystemRoot%\system32\drivers\nsiproxy.sys,-2???????????????????o???u???????????z??s????????????t??? ???????n?????t????????????????V???????????????????????????? ???????n???????????o?,????????T???????M???system32\DRIVERS\o2mdgx64.sys?2mdgx64.sys???@%SystemRoot%\system32\drivers\partmgr.sys,-100?????system32\DRIVERS\pci.sys????????????????t???????????????????????????????????????????USB\VID_0A12&PID_0001\5&3180cb00&0&1????????????t???? ???????t???????????t????????<????? ??????????????????????????e?????????????????????????e??????????????????????????????? ?????