查杀新变种3448的办法 及 查杀后不能进入安全模式的修复办法
TFV~jE>{i� bxMsh.�t5� AFW�7E(h7A *�5\5B5u�6 最近两天来新变种3448爆发,病毒特征:不能安装360安全卫士。
Vfk�T{SJ+ �[�:G�2|d� 修复工具:1、System Repair Engineer(SREng)的扫描报告;
�*�
�F�f? 2、unlocker 用于删除病毒文件。
u��f0�U�G0 ka�i`w@_�� :P[y�E;<U? 在 System Repair Engineer(SREng)的扫描报告中查找病毒文件的办法:
G)4O(b<Tre 4BNW�3�I,p 在“正在运行的进程”下面查找注入到进程的dll文件:以★嘎嘎★的报告为例(比较典型)
D
,= 4p�d ��u�/ fu:� [PID: 532][C:\WINDOWS\system32\k6s.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
`lS����K,I [C:\WINDOWS\system32\drivers\nmprt.sys] [N/A, N/A]
p<e�;n�lf1 [C:\WINDOWS\system32\rdzl7.dll] [N/A, N/A]
$�vI�ga4Zz iE�Ky[{�x� 这个进程和附带的两个文件就是病毒。一般nmprt.sys是昨天发现的共有名称,但今天的报告中发现了随机名字的sys文件。但这3个病毒文件的存放路径是固定的。
"�~�s[T_}\ exe文件的名字和位数不固定,特征是包含数字。
E05Qk%kf3m dll文件是5位包含数字的随机名字。
�|<Y^F6{]� 这个exe进程下可能还寄生其他的dll文件,最典型的就是cnnic的dll文件。本文不讨论cnnic.
L$i3->m�8 dll文件的特征是同时注入到其他进程下,几乎每个进程都有他们的踪迹:比如C:\WINDOWS\Explorer.EXE进程、rundll32.exe、ctfmon.exe下肯定有。
�\#N1w�S@h !�9M��iQU6 快速判定以上病毒文件的办法是用百度搜索一下文件名字,一般不会有搜索结果的定是病毒无疑。
S&��C �)F< =yuuN8dxs_ 删除病毒文件不用到安全模式(也进不去),用unlocker即可删除。一次删除不了请重新安装unlocker或重起,多试几次就删掉了。
NG�N!Pb({� 具体下载地址和教程:
http://btbaicai.com/read-htm-tid-661.html Qr2�^R*Onw #��[�1a�)/ EJP0qMIeB� 删除病毒文件后的后遗症是不能进安全模式,原因是病毒文件吧关键的安全模式需要加载的注册表项删除了,请下载以下文件解压后双击,导入注册表即可。
e�p*VuMKOr 请把下面内容另存为任意reg文件,然后双击导入注册表即可.
Uop o�At�q Sy�+��l^r� zi8)�BqiQv /U�q"\$iy� Windows Registry Editor Version 5.00
swIn�"TP=7 v`�&ctI��� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
`,b��2*=� "AlternateShell"="cmd.exe"
y�I.\o�pI gfN]Z��B� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal]
>�nAVg�\'H 6�E�:6H`�^ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
h~��N:^jm @="Service"
kQ}9gc�[\\ iURo�e�U![ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
H#L�mbf,k_ @="Driver Group"
L�I�l=�}qW m:UM#��Z=w [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
C��>pq\v�R @="Driver Group"
O~��4AL|�b Md'7]mp eu [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
8�5�KJ_B�G @="Driver Group"
|�e�`�!vh� xip�E�m*s� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
so���|EB6? @="Service"
! �d�
�$�2 v(m�Fj\sq [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
�aM!K8jw�m @="Service"
Xq�.��;e-� :)R�=;*@� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin]
aF�Zo0-�hJ @="Service"
3~Z��d3G�< Z�kU�d1~XI [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys]
X6b(|`3"�X @="Driver"
�h.�A1|�ix -+|��~/tw\ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys]
}e'��%+4e} @="Driver"
XI�rQ>e�Q� 9(Q��r�"h8 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys]
PH|$!�ZmPt @="Driver"
�wTN\^�E-0
d% c��y�R [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver]
k� �2�)s�� @="Service"
V.3pe
j{fS ��:4?�SKQ� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
wE�Vt"!^#� @="Service"
n$$2n<R+�/ �0�U�zR�5� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
95\�c]QOV} @="Driver Group"
//Ft�q�/O �lE9,/%N�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
�f[cT�8n�� @="Driver Group"
M{:V^�#[3� �JAr8mt�x� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
dq�B�bjQR @="Service"
SeS��L8Z&; cW,*FE;3%y [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
s'H2l� #]n @="Service"
^xS��)se� >7�OA>�KK [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
�eV:N�0)� @="Driver Group"
?eZ%E{WLf6 W^�~"O>i2 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
\SNXw�sQ�� @="Service"
(9�F�� o/f ~��IY_#A�v [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
/*I�OC�;.� @="Driver Group"
*�oam�J��E .}�.�5V�8 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
:Ts�'/XW�( @="Driver Group"
[J:E�/v v$ E �,^�ra�E [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
�[fI6u�xej @="Service"
sC2{h a�`( ^F&{Sv Z� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
B�MnFT(CA� @="Driver Group"
�I�R9����� � |~yfGn�' [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
8'�(>f��., @="Driver"
nzib<hK��{ `k&M3�Z�FT [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
vfBR2G#t�[ @="FSFilter System Recovery"
~}m5[ -&�b SRuke:�W?* [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService]
v_""j+'1]_ @="Service"
r�h�O��a?O rXF7\�l=)Z [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
d�G�6�!8)� @="Driver Group"
,�mR�c�/(� |:� ��w)@ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
isHv�j�t�~ @="Driver"
^T0%V��g]c |o�4noE/�P [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
L$5oj^^�\T @="Driver"
&Sn�& wi` ="M�Y6,wq? [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
ja�Xa=aq<� @="Service"
\y):C(�|K� K7e��GLi0{ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
E�Ny�|r�RS @="Universal Serial Bus controllers"
_v,����Z,N &�TX3��a�: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
%$[`0�Lveh @="CD-ROM Drive"
V�kj
;Z�k m%�S6����[ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
Z<�Gp�I|=b @="DiskDrive"
I7��4�7Y2 0$i/8U� Q> [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
U=�'T��i�V @="Standard floppy disk controller"
�n67�SM�%e ~Y/�#$f'�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
qSDiZuL.7) @="Hdc"
�ksn=]\�aa hYN/Z�9vt� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
6.��H!T�7B @="Keyboard"
�*O�HH*u�P ^ZxO�`;K+f [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
0�4�KF��D& @="Mouse"
:Nxw5w�V�� 'TBo(-�E8[ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
�0�K"�S-\� @="PCMCIA Adapters"
4 �R$
��f� 1L^�:[��
o [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
8�w"MK)�U^ @="SCSIAdapter"
�&4*Z Do|? a:g�0�2[ P [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
7!d<r
ZsD? @="System"
q1j�.|'St/ -]c^vDw�. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
�:,�#c>ReC @="Floppy disk drive"
|pC1=�$~�6 ;�~�'3�' � [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
�^^f�bi�F� @="Volume"
�Qn7R�E\"s A]~=�ss�Tq [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
V�@YFe�9�8 @="Human Interface Devices"
j*cY�+$R� wU��C�K`2n [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network]
,?F�sizgE& G
@"FM4W�& [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
ldK��fRn9@ @="Service"
�^le1)o~� jWI{��,iD [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
}���9QUt�� @="Service"
}{��we�H!t He����� 8` [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
rM�_��)��= @="Driver Group"
]k&N;GJoA6 MZ�o1&>}z� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
iuDD�q'�r @="Driver Group"
tH}.68/M�% :F?�0"p��5 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
@PN�:��Hf� @="Driver Group"
"Z
�#EY��, 'fW.-pQ)�L [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
RT=~�hE:' @="Service"
hLuq]8"�lO �{~T;X~�_C [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
S�U8)p2[lG @="Service"
,(H|��<('W ��x��4�sh� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
m_a,���{(� @="Service"
wf&af&v.UN i] ^8P%�c{ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
cQ+Vw��X^c @="Service"
^@uDFpUf�/ �2S~�ifU%� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmadmin]
D���5/ jt� @="Service"
k�sI�:4�L� eW}y�T)�6 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmboot.sys]
I?=Xd/bNuA @="Driver"
0]�eQn4;!e crfzGcVs&� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmio.sys]
V�%q?:C�W! @="Driver"
dJ��Pf1�^@ �^�s7�6gVs [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmload.sys]
�iK�wbF3 | @="Driver"
b"Pjn'�k}s F�l�5KD��_ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmserver]
YJ|,va+�2D @="Service"
W$[9��Nq@k c\�8"d(3(! [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
eE|1b\�xP @="Service"
M�l4\�#a<� ~Tg�7(8eZ8 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
.j1\$4�mb @="Service"
Q��
CFhc$$ $Q�8qB!�B [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
,e!Qn�O�� @="Driver Group"
�Dd+Xk�`�s )�:�Y�s*U` [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
I�q\f2u [ @="Driver Group"
:��Y66E<6 +46
�)�A=S [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
j1@agHP��7 @="Service"
�m}%E�5R�� �'.*D/9z'� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ip6fw.sys]
{oaG|jL4�i @="Driver"
7V�OA�/H\d t^�
$:��v� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
8 �\1uL=!3 @="Driver"
du~.W�V�}� 4Tn��j�;]< [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
�%@HC?#_� @="Service"
�.dp `��q� _j�<���c�" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
Of4<�AD(�� @="Service"
[Wk~���P�� }]vR���}?. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
A 0C|�nv�� @="Service"
g%q-&�[wZg /YB�?�� yU [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
��G {���q� @="Service"
.H2LM��!{�
b]
F\mG�, [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
�U��r� {b\ @="Driver Group"
�21My�E9�6 �qO�>�wlUh [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
P}�zf �?ex @="Driver Group"
$CZ�{z+p=G Gq!BW6
O7? [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
�mf�A0g�3� @="Service"
4j�:9T_qH �!niZG[�}� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
gQMrOk��� @="Service"
'~YR��e>N& *0�UZ'��L= [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
G�]g'�9whV @="Driver Group"
'3�u��R�'� oN�sAS0!*7 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
W���]=IaA� @="Service"
#:Exp]n
�� �"#T�"|2h2 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
hZ~q6g�81Y @="Driver Group"
kXa4F
T[r2 'QJ\�Q�g$4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
3C#Dxd]h&� @="Service"
*z\rn�Z$� �xijh|zE�i [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
d2�+GxDji� @="Service"
�oB7�M�)-� >Pa�?I%�.= [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
b=LBuz��%y @="Driver Group"
dF+#$�?p<_ �k4W�aY� | [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
D�I'}RIRF� @="Driver Group"
s/|]ok.0�E )VZAq[{A{� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NtLmSsp]
YM�s�~l�c5 @="Service"
5'�\1E5(Y� 29�i�u$~f� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
�_
T/��,|3 @="Driver Group"
\:GY>}Fwx^ G��B�(iD?O [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
Q�L#�0>$s` @="Service"
�/>kV�!&/] S+�����\�Q [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
`.'g[�?A)P @="Driver Group"
4@4"�%8�5| �iT9M�)�6� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
C(v`�2v��� @="Driver Group"
�{j7�!o�_� |b.+�PxI;� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
P]}ACEzl#V @="Driver Group"
A�L�tT� uR YF-6�SF,O+ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpcdd.sys]
�"Y:r�OX�� @="Driver"
83w�nDANV} \YhySnD��2 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpdd.sys]
`8_~u[�D?. @="Driver"
�!��qxt\R{ -a|qT��s M [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpwd.sys]
�a�#?Z��,( @="Driver"
[]ySAW.�p9 \3@yM-e@Q [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]
��W'<Dt)"4 @="Service"
]r��Fn�3CD �Bi�zZv��' [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
�)Al7u`>p' @="Service"
8%IMv�Kgc �B�8~~�lB [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
|3Nh4Dv� � @="Driver Group"
�&<g6p2j)6 ��;xl]h(n& [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
"+:S�U$��E @="Driver"
�}rKM
4�P( �Ii�QT7pk, [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
?P�$^�J5g� @="Service"
rmaOn�2DV� \L|~8EV�oR [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sr.sys]
r(�.;h{q[ @="FSFilter System Recovery"
� �Zk�&�Y# `tG?@Nb�{\ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SRService]
�g$T+G �3 @="Service"
�(w�d�dgGO �/R�"b�zuW [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
(-��Q�&�V� @="Driver Group"
�8>n]�2��� ;] {�%y8bu [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
!&�Cx�Z.fB @="Driver Group"
[W&].<i�N' 4M��O�+e;n [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
h}�{8�h�
� @="Service"
{j3-U� �m� #B�I�XT3|; [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
U)CfLKlAX@ @="Driver Group"
�bUolO9~j4 8L32AL@f�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdpipe.sys]
0a1{pKE M= @="Driver"
L�3K7Q/.)* H;_�����E6 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdtcp.sys]
U!n?�laxY� @="Driver"
T[)t(�.a�& UC0�W���@� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\termservice]
F}QV�p29�� @="Service"
D9�3w1(L�A SX[�f�-M�M [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys]
%�^H(%�%:| @="Driver"
BA#u@�L�� csW1/O-V�% [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys]
�QK�p=QQT� @="Driver"
|9�9cy?6<R \av��v/J�` [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
Dc2k9B>,q @="Service"
sxt1/��3(? xy��?\bqV [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WZCSVC]
Iy,Rp;�dIN @="Service"
3!�@[iY�Wg �")L� �lY [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
eEIvXV��4O @="Universal Serial Bus controllers"
8+t/23Rn6 u?��|W[#N: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
'Z_]Z � '{ @="CD-ROM Drive"
lU-�=�a\�� 6bs��~�?U8 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
�#CR��'�.! @="DiskDrive"
g�p[7N#2m/ sLb*��nxS� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
Z�j��/�"|H @="Standard floppy disk controller"
(CC{S�$.=l �AXe'�kG�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
1.mk�Ab � @="Hdc"
+q'��p-sO� �RzM^a9�[� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
#+r��bX��< @="Keyboard"
�z�gO�,t?. /l.�UKRXK9 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
\ U'*J/\ @="Mouse"
&3%[[l�:?. l Y(;{#(*` [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
Jzoy� y��H @="Net"
�=�B�Yd,�� e�m}�C3fk [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[��
,O61A� @="NetClient"
�pS;�9(&*| �uUodn�M [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
y{�:7F80L @="NetService"
�!�p5.�$$~ ��{b JjI� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
o�aoL�.�Zd @="NetTrans"
~#+ e$��h� yUWwoz+d�L [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
q9.��R`�;j @="PCMCIA Adapters"
h�lQF��"�6 ���vJS;[rc [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
%�G.w�tQ�� @="SCSIAdapter"
tRs$��u!Q� ��A${'}/{X [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
\&$DAI�`,R @="System"
Zj�J|h]�d �f>[6=23tF [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
Ny_|l`�9{ @="Floppy disk drive"
��pfh�3H_� �V@8H`/mvV [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
'o�;�iq2Gs @="Volume"
J�<|_}h�m _;3#�z�#�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
p��ilE�g�� @="Human Interface Devices"
~b@`�(uIav 
