查杀新变种3448的办法 及 查杀后不能进入安全模式的修复办法
S�m w3L7�. o�Z_
YB-F$ f_z�r()Q�N ~O�z�r;sH8 最近两天来新变种3448爆发,病毒特征:不能安装360安全卫士。
��o�D"8SV$ WKc.Z�]l3� 修复工具:1、System Repair Engineer(SREng)的扫描报告;
�@F�VR��h� 2、unlocker 用于删除病毒文件。
oud�O:`&pt 3�-$��,y�{ aO�1[O oH. 在 System Repair Engineer(SREng)的扫描报告中查找病毒文件的办法:
�G75ZnxD�A x>KEXaQNKQ 在“正在运行的进程”下面查找注入到进程的dll文件:以★嘎嘎★的报告为例(比较典型)
[�H.ra#0R| 9D�g>�E)"� [PID: 532][C:\WINDOWS\system32\k6s.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
iU@MYo�0r1 [C:\WINDOWS\system32\drivers\nmprt.sys] [N/A, N/A]
`R;/Z�)THY [C:\WINDOWS\system32\rdzl7.dll] [N/A, N/A]
t4*DI4�#�� '`�;4Y4J\t 这个进程和附带的两个文件就是病毒。一般nmprt.sys是昨天发现的共有名称,但今天的报告中发现了随机名字的sys文件。但这3个病毒文件的存放路径是固定的。
�2L(ORl!(4 exe文件的名字和位数不固定,特征是包含数字。
I/|z���
l< dll文件是5位包含数字的随机名字。
VdTM|x�K? 这个exe进程下可能还寄生其他的dll文件,最典型的就是cnnic的dll文件。本文不讨论cnnic.
�%�j�;jbCd dll文件的特征是同时注入到其他进程下,几乎每个进程都有他们的踪迹:比如C:\WINDOWS\Explorer.EXE进程、rundll32.exe、ctfmon.exe下肯定有。
6/qal�U�PG 0BVu#X(� R 快速判定以上病毒文件的办法是用百度搜索一下文件名字,一般不会有搜索结果的定是病毒无疑。
ot�93�C�VR �AQ�Z>�0WK 删除病毒文件不用到安全模式(也进不去),用unlocker即可删除。一次删除不了请重新安装unlocker或重起,多试几次就删掉了。
?EGb0�E�J� 具体下载地址和教程:
http://btbaicai.com/read-htm-tid-661.html c&�8�I�5se Gy�
�o .�2 }.F[��v\|� 删除病毒文件后的后遗症是不能进安全模式,原因是病毒文件吧关键的安全模式需要加载的注册表项删除了,请下载以下文件解压后双击,导入注册表即可。
~^w1>�C��? 请把下面内容另存为任意reg文件,然后双击导入注册表即可.
hj(�gd^9�* JrQV�ec�Ef V!R^D9/�( p;z�@E&.�� Windows Registry Editor Version 5.00
�t|��Q3��Z ')A{A�i��� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
sX[�l��Zy* "AlternateShell"="cmd.exe"
�GGh�SI~�� :�wI�D&�SU [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal]
QX_@nB�S�~ ,a03C]���U [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
OQ��r�[�p� @="Service"
�H�-p*���h &Mw�Rs���, [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
*!ww"v�1�� @="Driver Group"
SJ~Iy!qPps bZ�s�Bbfq= [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
Ws$-rFnzV� @="Driver Group"
-�H,<zk�Q: /t�|z�"']4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
F}^pL(,-`a @="Driver Group"
^BE�F;4J=D uOn?X8.g. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
s{c!�=,"� @="Service"
�DMW�:0b3� (p-~.B;)�, [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
cb~+{f�<1| @="Service"
s�-�b(?o0. P�:(bs�h,l [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin]
b��UuSx'Js @="Service"
�1�47���Oy �wy?x`F�|| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys]
@�.ZN1 ;9J @="Driver"
�h��?>TApO ��?��vY!$\ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys]
�j5 @T$6N� @="Driver"
0>VNZ
:,P @Nx~��&�[: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys]
`"W.'�xn&C @="Driver"
5O�@-nnC+� xj;Pq'g�TL [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver]
DM\mg[�s�, @="Service"
'�w0��'D]� NHxVW�a�R [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
.r}(&^K�rd @="Service"
O}�q�i<�-� �m;�!�-V=� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
Czm8
fM:M� @="Driver Group"
���&Ku
m45 Lo�X��(�)M [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
uM&b*skCO5 @="Driver Group"
y%�@p~qZaK �*�c9[OoD" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
~_f�m=4m~� @="Service"
�aw�z_p&�� N;Hc'%+I�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
��11n��mPf @="Service"
i�=~c99�7; \dTq�b%A�N [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
�\b#@�2$�t @="Driver Group"
3~��6L�s�6 pb_-%Q.��C [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
MAXCZzcXW� @="Service"
+{D�<"Q��� l8a�&?5TVM [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
�PGLi(D;XT @="Driver Group"
C7Ky.3I�6J 4�$|y�v1r� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
P���
*GtQ @="Driver Group"
_E��4eJZ|L �jG3�Cu|RA [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
uV�=DW�w`W @="Service"
(r�h;;ci|K r�=A5F�~6w [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
D�+@g|�)/" @="Driver Group"
`fh$ocM#<� b4C�gG�]}v [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
+.$_RTsIf� @="Driver"
�y=l'86s�^ *���OHG;Z2 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
k0A3B-^�x @="FSFilter System Recovery"
~P,3�E���&
�,ME>|{W [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService]
�VF>M�<ZY1 @="Service"
R��bA`t7eC >\�Wm�~�V# [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
L�-�W��H� @="Driver Group"
O�%$z�*1zL JK0Ym@d(^W [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
r[j1Ti�u@ @="Driver"
$FY�<�"MoG �CTVpp'�a{ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
�KC�[zh�sB @="Driver"
k*x�e�IW
m ,FNF@qfk�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
��:�~kn�%W @="Service"
K~5W"O�/�� >&�iG5fU
a [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
"EU�H5,
�\ @="Universal Serial Bus controllers"
�l
Cl�+4d� ZQ6m)P3$�l [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
� �Ky�5h�l @="CD-ROM Drive"
�C1z[@}�Tr WndD�jM�~a [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
rf?eGG{8Eh @="DiskDrive"
sE�?.W�WU] �Yrj+���d7 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
Pz0~j{�){y @="Standard floppy disk controller"
�G oyjxQ�+ .�r��e{,(W [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
LYgo�wT-,X @="Hdc"
R��3`DXg�� i��y��k��t [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
p�\�]'z�xa @="Keyboard"
�J5C'��) - \nq��R]mX [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
�v�(
w%u# @="Mouse"
z�<1Z(��ym O4l9�a6*gU [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
g^P+ndE�)- @="PCMCIA Adapters"
h F5}?v�@* �bUI=1GAMh [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
=Oc�PbxT x @="SCSIAdapter"
Y0&5*)<��~ ��$i��F@�R [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
;�rM06bu�k @="System"
�|L5M#qOvb ��h�#�=��� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
DWax)*q}C` @="Floppy disk drive"
s{j8�o[:�+ �p��`%�`<W [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
~�mQz~�E: @="Volume"
�vl��G-+9^ %�U5�9.4a� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
Bj}`!�=^u/ @="Human Interface Devices"
�\pV{�<v�6 z�!~@Eek=R [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network]
�"A*x4_(/ @�+�QO2%6/ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
8SqAJ�o}E� @="Service"
9�Z�yp�3$� ��o2\f�fv] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
lmEd�{p�pf @="Service"
�h"|Uyv),s <J�/_�Opnh [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
�[���LsX^+ @="Driver Group"
dQ":]8��q" x�{R]--�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
�u7YlKp�f @="Driver Group"
:fv��K$$f# ��}z|IdP�m [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
7[�k�mQq;" @="Driver Group"
&T�-{S
TG� \Dh�D �e�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
I~[t�v`$? @="Service"
s�?G�
bfMo "aG:P3�6x! [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
�%T(7�|R)@ @="Service"
�f%\H�_s � .isa�DkqE [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
L�0(4EaCP\ @="Service"
�n 5\3iA9~ �9\2J-]ZJ� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
YJ�}�u$lc� @="Service"
>Gd3W}�2\J kaH/q$7.�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmadmin]
rCv>.$��l @="Service"
>t�I-y(P�x kDuX�ZUS~M [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmboot.sys]
�5<�C|�p)5 @="Driver"
q8)2}�#��� C�20q����| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmio.sys]
�`~Dl�6mOh @="Driver"
va�Q:{5L9> h�yxnyIP%E [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmload.sys]
=nH�/�!9z� @="Driver"
��^u '�wP' }{4,�?E7h9 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmserver]
d;r#y5)��� @="Service"
��hggB��7? �dk]|v�E�s [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
@P��r2&<TM @="Service"
�C Ybdh�"S '�f�i*'&H� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
J�3EL1|:�F @="Service"
�>?KX�J&l@ Q,7'%�Jkp* [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
1��v}��14D @="Driver Group"
@�Rp(`mi�K hs*J{pr@_ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
(�yM/�c)Gs @="Driver Group"
DUO}:&63z� �C9#VAzHPX [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
�;(&r�U/Uh @="Service"
"Z 4%ra1+> |�bo1��Z?� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ip6fw.sys]
*��$,����H @="Driver"
NXs<j}qC�< �V�&kW�&z* [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
kc\O!�v\�Q @="Driver"
��=�#d9jP, u�uO�)�k>� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
)�qP��anus @="Service"
B�cl�$~N� �:L(�T"lHL [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
Cb��Zh5)/ @="Service"
8a�����e]: Iq5��j��?� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
q�_n��G�Vn @="Service"
_O{-;y�1h) VTtk�* I� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
$y4{r[�PGt @="Service"
Oy!�]4r)wg E#=6)2e2xi [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
D0?aJz]-BU @="Driver Group"
H�CRl
iE�= ga�+TbyV`8 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
E<Lo
�}b3 @="Driver Group"
�Bu}X#<:wt mv�S �e8)p [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
xY*;as |VU @="Service"
�p�Ozr�0�< w�~+M��wm [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
-[eQ_R�[X! @="Service"
2��)x���aN S<l�x�g�rc [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
`R'8^�"�,� @="Driver Group"
l�?`dga9�B _Z�qx�x'QZ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
$K��g>kKI% @="Service"
rR9N(>.�71 $canzN0t�` [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
�o�o$&�u%� @="Driver Group"
/df-X\U�AT �I=yA8�b�B [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
*0}bjE�(vu @="Service"
gk�#Qm@��F zRNL Te\� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
c�D�g,ym@R @="Service"
�N�Cb;�ub$ r��+: LvNS [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
F)�[9L<�<# @="Driver Group"
v>�)]�- x| �c8HP��;j [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
Fj�2f]L�O� @="Driver Group"
69f�5&|!!V .ybS+w7d;� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NtLmSsp]
$UT���ms8u @="Service"
}B�CmO8WLo �c-�DG.UZK [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
R"Duu�'A� @="Driver Group"
PPg1�:d~_u s50C�oSa(O [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
�\[�U[[{/y @="Service"
Uj#�K�~9Cf �R�<\�+�mN [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
-P]<��ME�5 @="Driver Group"
8�`H R:r�� ^:j��"s8w7 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
-'^i#O�1+j @="Driver Group"
J^yp:c6bIu O1Nfm�V-�q [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
`&b\1�^��7 @="Driver Group"
f\K;-x]�/ �:^�Gb�2C: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpcdd.sys]
l?[~=�z�Y, @="Driver"
XuY4t$�w� <B��WuBP,H [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpdd.sys]
�b�CFH(7�K @="Driver"
D~��7�.62, �/<�0��%a: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpwd.sys]
��fY
�DYU> @="Driver"
7h�_hlg�3 �\��@]�u15 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]
Ws4"_'�vaM @="Service"
!��!GzGY6L .J[]8P2K�Q [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
�xm=eQS�dc @="Service"
8?x<cwW>:g
n%.86Vi�? [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
C�i8T��$"� @="Driver Group"
W�yFRC:E!� s�;]mFM?3< [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
��-�Ttw,�d @="Driver"
"wpDrU;Y*X �itm�/(]�W [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
gDDy��M4� @="Service"
�a �"U5SO� ��7K%(-azY [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sr.sys]
ugv{��]D\q @="FSFilter System Recovery"
Q8d4�a\�~G 7y/rd8#;GT [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SRService]
:Gm�0Q[1�I @="Service"
�Y2Ub6X�m( k���(a*2G9 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
�r�Zn3�.pQ @="Driver Group"
5q/pBTXeq1 !�@Fv5s$w' [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
C&{D.p��@p @="Driver Group"
2
a���$|a k7+�6FkEO* [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
�J6k�nAo$b @="Service"
9[I?LJK`D� :#]`-N�j�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
)Syw�5w�,c @="Driver Group"
N[T&�)�}od #XpP><^*%# [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdpipe.sys]
8rq� �P+-� @="Driver"
NpM�T�Y9�� '�*���t8/P [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdtcp.sys]
;tS+�9�Z�y @="Driver"
gQ']tkf`�' ��5��Y/k]� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\termservice]
$�uE�Wk� � @="Service"
tI,_r;<d4& ^-�]W*dkN@ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys]
n/XO�n)}8z @="Driver"
1Q}X�h>iP� �p=�fT!O?F [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys]
�kb`unK�mZ @="Driver"
�P=e 58�Wn ���ED_cECu [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
"PQ[ "vX4_ @="Service"
�;K^�C8IP� �c@�At0od| [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WZCSVC]
}KUtj6'KO@ @="Service"
��t34���j )��{S'G}J+ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
%�#�-7�6R� @="Universal Serial Bus controllers"
P3;]V|�E)p _
?L(!�dm3 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
_DS�y�$rE% @="CD-ROM Drive"
Y?C�J�:Wb� �l8*�eD1}g [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
�>)�=�(<He @="DiskDrive"
hI�A?�K%G A�==/{��SH [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
SX�5;&Eo!� @="Standard floppy disk controller"
'k����F$rX *�-��Q�v{ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
9/*oEd�Ay% @="Hdc"
�F :q<�A!i FW7F=�u�q� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
w%�)$PP2KF @="Keyboard"
k\�(�+��(a �vh�>s`15o [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
#R9�=]�BA" @="Mouse"
,�9rrTM8 �h"UO-c&j� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
FUO
;i�<#^ @="Net"
$)�Ib� ,O x�^���bj� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
K��m�EK�:4 @="NetClient"
�rwuu��f9M .�&Ca-:�V� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
�Y�E�JEyWQ @="NetService"
�8�lAH��?D ��&��4�>1: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
:&Q{O#
dH1 @="NetTrans"
S��Oh��V|G .Ho&epZJ`� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
1�A��dD,zj @="PCMCIA Adapters"
b��a.WA� : 3i�6HK�7l= [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
M�Uv��L~�. @="SCSIAdapter"
�(FLCPBQ�: �6a7wM/�! [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
V,�B;{U>J_ @="System"
ET�(S=�BI? zUI`*I!3
> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
H9)S9r�jlg @="Floppy disk drive"
$d�ul��.!- -�|&P_-Z) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
�1`*�l'{�1 @="Volume"
�f9Gu�[+$| 3{1���U7Ke [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
36Fp^1d�G} @="Human Interface Devices"
7v_fVR"M2% 
