查杀新变种3448的办法 及 查杀后不能进入安全模式的修复办法
+�(k���Mrw #�M9hYRj^$ eN�<?^w:�\ �gU[eV):FR 最近两天来新变种3448爆发,病毒特征:不能安装360安全卫士。
w�'x����E� ��_BNN!QX� 修复工具:1、System Repair Engineer(SREng)的扫描报告;
�`QJ�bcQ>e 2、unlocker 用于删除病毒文件。
uALw:h0Y; �Ty6���d�y �B�[V�Po� 在 System Repair Engineer(SREng)的扫描报告中查找病毒文件的办法:
7V)|_[,��c S�\t�pO% v 在“正在运行的进程”下面查找注入到进程的dll文件:以★嘎嘎★的报告为例(比较典型)
>QR"Z�{{r0 �n"ETU�(^ [PID: 532][C:\WINDOWS\system32\k6s.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
: $��m|FYx [C:\WINDOWS\system32\drivers\nmprt.sys] [N/A, N/A]
�NT[�/T�Qm [C:\WINDOWS\system32\rdzl7.dll] [N/A, N/A]
\SGlt~�t]� )��Ap,7^
; 这个进程和附带的两个文件就是病毒。一般nmprt.sys是昨天发现的共有名称,但今天的报告中发现了随机名字的sys文件。但这3个病毒文件的存放路径是固定的。
|f|l{21�zh exe文件的名字和位数不固定,特征是包含数字。
�)�R'Y[2:W dll文件是5位包含数字的随机名字。
?y\�Z-���, 这个exe进程下可能还寄生其他的dll文件,最典型的就是cnnic的dll文件。本文不讨论cnnic.
*DOKh�9'5n dll文件的特征是同时注入到其他进程下,几乎每个进程都有他们的踪迹:比如C:\WINDOWS\Explorer.EXE进程、rundll32.exe、ctfmon.exe下肯定有。
��i���X|�F Ph�;FWRl�� 快速判定以上病毒文件的办法是用百度搜索一下文件名字,一般不会有搜索结果的定是病毒无疑。
'}ph3iNo;3 L]{+��-[^. 删除病毒文件不用到安全模式(也进不去),用unlocker即可删除。一次删除不了请重新安装unlocker或重起,多试几次就删掉了。
1X�O;<N@LB 具体下载地址和教程:
http://btbaicai.com/read-htm-tid-661.html �-�K2+t�!� 1R��&5r,ay &��3Ka^/G, 删除病毒文件后的后遗症是不能进安全模式,原因是病毒文件吧关键的安全模式需要加载的注册表项删除了,请下载以下文件解压后双击,导入注册表即可。
����yVnb7 请把下面内容另存为任意reg文件,然后双击导入注册表即可.
)g,P ?M* Z N %��$foT� ��2|-<8u�� a�%<Qi�^� Windows Registry Editor Version 5.00
P�9{5Y-��� cD7�)B{�b? [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
���sT�Y�~ "AlternateShell"="cmd.exe"
0YWd.�qc�U <5'Cq9^#4� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal]
Jyb~YUE��� )njbsaeOTN [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
��D}M�ttr! @="Service"
=�t��sX�<� !�j �z#�Xf [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
!9p>T~|=}} @="Driver Group"
Gd_�p�xb�k d�.#�]:S�k [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
E{`e&�b4p) @="Driver Group"
d,E3D�:,9� %>a9�|�i_o [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
TJ>]^7[a�a @="Driver Group"
�iTaF8*-fq f�
�'|^#�Z [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
�w�f[08[�� @="Service"
~�e�]es�B. MKu�wWw9�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
=M0>%e�`1 @="Service"
_�_�ms_��b a5>%D/<Ud, [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin]
K/G:guru/r @="Service"
�:w-hBD%�J �/�S�3T�F [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys]
�Z
7�wVJ15 @="Driver"
<� �9'o)r~ B�l1>#4��p [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys]
J�B1�]��R+ @="Driver"
NF��v[�Mg# �L�y1|%(N2 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys]
g}ck>�Npk1 @="Driver"
H{7i#PND 0 3tBB3L['L� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver]
��r1(���gU @="Service"
2D5B0�9�� ��j3Ny�R�, [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
�f;>�Dx,)� @="Service"
<2��w,K��[ @���!�*U&e [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
,v�Yn"d%� @="Driver Group"
2�j�kcCe{; �]~Kf�o�e [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
�!n�M,?�Z5 @="Driver Group"
l#bvU�|>^a =s�\�'eo?9 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
<j�ppV%MQ@ @="Service"
\o{?}�n@PC +3 +~)��V [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
a9Ud.xQ�/> @="Service"
L{t_njDI`� >�+\(�x�v< [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
/M3$^@o/^� @="Driver Group"
lD(A�K��u{ I-mq0xe�z [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
~FXe~(�"8# @="Service"
%",!`�O��l FN*jE�B|x# [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
`�H
+�P��� @="Driver Group"
f6��3{b�W� f��) 4~CY; [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
'<D.cs9lpS @="Driver Group"
#�i0(n�"S� <�%b%�EQBZ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
� C45�$!L� @="Service"
�S_���O-]C �/7{p���Y� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
OVFH�^r&�� @="Driver Group"
��lw_#P
e* T0'�V.�97. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
&B � @�mV @="Driver"
>#�%m3���� 0zDViT��[} [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
B�C<4b�{Q\ @="FSFilter System Recovery"
4e�PXvV]`o IY�JD��#FG [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService]
Zcg6E)7`� @="Service"
m��nT+0�.l ^B(sj*F�o� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
A�`vU?5B � @="Driver Group"
qs��H% TyO LLIrb��1�f [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
*���@tvsvB @="Driver"
��5G4Tb*� %M!��<k"[ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
h2
~p�9�M> @="Driver"
[De�%&3��� >�"�.$b�d [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
mR/�%|\�19 @="Service"
2�P7� +:"@ /4zw1:���� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
CR-<BNQ?*m @="Universal Serial Bus controllers"
4D�;U&r3we `sA�0(Z�$� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
J"S9�8!�C. @="CD-ROM Drive"
X�i���)(~� ;/" ?^_"=� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
��eX'�{AM@ @="DiskDrive"
nt-m#�0U7� 7D}1k`t8FF [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
X�P��^$$Ed @="Standard floppy disk controller"
Gz��+YT^n� -6�K�\��,� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
S9 �'u�)w6 @="Hdc"
4�/BnCz[y} hv�$V=_fmT [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
)X"mP!3[@0 @="Keyboard"
Ur�?_:,&�O �RZn?R>C}� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
w
\A Tx;-� @="Mouse"
VO�zNR}Nr< G7q�<u&~pn [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
ctK1O.f8QW @="PCMCIA Adapters"
��Lb�P`%?F GHt��x1m$k [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
D}�hYc1$� @="SCSIAdapter"
j��<9�|o�j ��&��;~3,� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
^�k�]rL��? @="System"
z���+^eKV� ��DZ�#[�F} [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
`�TWAT�U?G @="Floppy disk drive"
@.2�=����N C�&�ap1yA� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
c�|SOvM|&K @="Volume"
S}Cmnh�"yf �� EU6zci� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
r 7(�K,�s� @="Human Interface Devices"
��><IkR��c K9R�wB[5e [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network]
7�4o8�'x�n ig&J��0HL{ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
(&�;�&-Gh[ @="Service"
Vq��Zo�e6� 4`��J?-cum [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
x3�7"NQIM� @="Service"
L5S�8�p^96 e�5�_S:�"B [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
�):�"��q\N @="Driver Group"
Dj}~�s�g>� 1
Ttkxc��q [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
%n:b{���"� @="Driver Group"
c5�v�)A��� :9�tT�p5�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
*r�29/Kc�c @="Driver Group"
�wy�%J_
�| KTa���,B5_ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
X,>v`��mf� @="Service"
-Q<>HdE|�( 6&C�T�0 g1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
BxbI^ o�L� @="Service"
H��-R�;� y�Ge�1�ZcV [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
V!ooO8==�� @="Service"
�iM��QD'C. =x,'_q]gqt [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
�qw+f"X?� @="Service"
6���\<l��\ �kc"&�>Z�` [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmadmin]
m�-�i�*
:� @="Service"
LCLJz!�'`c wkE;Ds|}� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmboot.sys]
T{xP;nCK�M @="Driver"
Uvf]<&�[?- �>(`�nh]H{ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmio.sys]
Y\W�u' DQ @="Driver"
i5~hD~~UP +6e>Sgv_�B [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmload.sys]
]#uM
FSwjn @="Driver"
����/}p>+K 1�!Tx]`
' [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmserver]
�X*&<��[�& @="Service"
E&�Q�X%}�� !I��(�8�N [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
%0)C�w�LmG @="Service"
>Z�DWPy
r/ ]w5���Ezv/ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
l03)N\dD^S @="Service"
z})nA/I} @�DCJ1{b03 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
&,�a�8��.h @="Driver Group"
6�y.5bvv`| _�=6�QzP�7 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
z4 [L,Wz @="Driver Group"
mb]7�=y\�Z ��11����F4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
�� xH��2U� @="Service"
<aO;|D_OG_ Q�>��rDrc [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ip6fw.sys]
�ez��EJ5#{ @="Driver"
�@#*{aZDlt �~ctJ@VE^� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
Ce�*7r@O�O @="Driver"
�.�z�]�G:_ g/z�Xw/(%4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
�
k=3�:!�[ @="Service"
y>^
~��]%6
'ti76_ s [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
[8�l7@�+\. @="Service"
ujz�2gY z@ �0&�bVu&!� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
�
�b<P&E= @="Service"
G�PU6j�n� �IBC&�w|)l [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
Qqf�_edF!# @="Service"
�b���#*{�y EJ�
X"`Q�. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
�g�f�&k&1L @="Driver Group"
�.Z$�om4*q @�yW�oTd�! [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
y=AXJI�70 @="Driver Group"
w�y�~�^*TD ���~LA�t�8 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
-�BYv�n\� @="Service"
~�7=ZZ<b^� �{g[j%?
A8 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
�<'^G7�M1/ @="Service"
E]��
e�xKl _D3/Qorh�J [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
�STs��Bv~� @="Driver Group"
�]%/Rw4.�v _��7W;N�=/ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
H"�"[=x6l9 @="Service"
yI�3HU�]ae t*2V6J�L�D [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
2N��JE/ N� @="Driver Group"
' ���$Bi6� ��9v8���\ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
�W2��c ��4 @="Service"
?�>PV2�}@] _:�lP
?-Q [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
��@L&F^�(" @="Service"
=dXd<lK� ) )��GUTVv�V [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
.�&�XCVIKc @="Driver Group"
:�O@$��k@= |}��fb�1.b [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
AZl:�!��.U @="Driver Group"
W`6W�Z-�tB GTg?��z~Qb [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NtLmSsp]
Y}sNx�PgPQ @="Service"
�s��B�o3&� ��_+i]Ab"T [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
l2ANs!�Bn0 @="Driver Group"
B;�����'nC ){@X Ga�c& [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
�"�J,���5` @="Service"
�?@�u�1<�� b@,�+3L�d( [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
�q1�?=�`5. @="Driver Group"
6�I�3}!;�1 �%i�r'Av+8 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
9��)Yv1��i @="Driver Group"
N [K�KV�`2 ~Q�E1�p�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
�aX�Q�{]i" @="Driver Group"
32;&G
ds� 7zBg���`x [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpcdd.sys]
8xgWh[�*�G @="Driver"
/��Gz�L^] �^�gx�B/aw [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpdd.sys]
+�`|H*:Fs� @="Driver"
\e ~)ND+- 9F�^ lR�z [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpwd.sys]
!.DhtJH�6C @="Driver"
p�PAs����j �JF0"3=tn/ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]
'k^wK|��O) @="Service"
o�aB2 8�&o a�a�mZ$#�f [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
|oa"T8X2LW @="Service"
Z/\3nssi(1 fESio,�f L [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
|S 9���@D- @="Driver Group"
.8�h&S �l/ �INUwZIV�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
���}�wf�?W @="Driver"
�)C�.1[Zt� hX(#h9`Q/ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
5l^hh;0 �� @="Service"
Qaz*tqOb�w @�/u�?)oH [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sr.sys]
�[�j�&H�|y @="FSFilter System Recovery"
UQu� ��$#X #Ugr�"�HoM [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SRService]
"w6�%s�#b> @="Service"
t(7gD{?lGy �<'[I�O$k� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
UXg�-��}rg @="Driver Group"
.Z8Q��lnX �h��f5@KmQ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
7@5.J��A6I @="Driver Group"
;Z(D)#g?P {swV�;�o-F [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
������H��\ @="Service"
�H]V\}u�>B Lo�?IC:45A [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
�n.iF*_%n� @="Driver Group"
1bg|2w<� YM<P�UU�`k [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdpipe.sys]
.#U�Y�iu^P @="Driver"
k?�^nmdt)V |�dlkB�qv& [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdtcp.sys]
VE�A$�N�te @="Driver"
�j�*rsCvhU �>31�/�~� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\termservice]
�^Uqxf�6%i @="Service"
MT%�~V�bl1 _K�H06EZ>� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys]
U
�R���?[f @="Driver"
��}b��TP#� =�e��QpK ( [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys]
�#$a6Y88X� @="Driver"
wh,I"\lu|h 0i�z,qci$` [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
z-:Bi��>�. @="Service"
=;�}U�oo[^ �L1B`d=�E@ [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WZCSVC]
$B�J�z9Xlt @="Service"
$!�)�2s�i' 5_?2�?(d84 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
W&8�z3D��& @="Universal Serial Bus controllers"
�)`p3da[�e >4i^%vsC [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
JX2?g6�5� @="CD-ROM Drive"
j["��"6A�k �tOz�ffQ97 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
#�{pQRF%�+ @="DiskDrive"
��*e�vEj~& +��Xg�vH�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
t�\ u��2�o @="Standard floppy disk controller"
a�nDqDF!ko c<Aa?=�dwL [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
68h|�2_�|c @="Hdc"
�OYfGqTD1� �O��dG|xU [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
��YeM~=3<� @="Keyboard"
mG�x�6'�9� ^'+Uo�'�Nl [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
-wh�u*�Z(G @="Mouse"
vp����g� �U�P�e(�0n [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
EEoYG7&�m @="Net"
v ��nRd-m, LEur2�D*l [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
q"21D:_\5+ @="NetClient"
�sn�8uQppZ 1o5*rJ<t8 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
iv<+2X�Z�3 @="NetService"
g��|�kfg�k ��:t7S�T�w [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
#�ZQw"�K�` @="NetTrans"
^�sG#8���w 7S8xFF(`�Q [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
�r2 ��zZ
X @="PCMCIA Adapters"
/yJ^.(C�Y n_L/c*dw�� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
I=O�U>p)&8 @="SCSIAdapter"
|$�V?5E~5� �+LrA]7%p� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
)UAta
9[aI @="System"
7M`��u�o�p L:.�Y
utam [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
lDO{&5Cf.$ @="Floppy disk drive"
h�s aQ�t\6 *m"c[y$3#Z [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
g�91(S�Uqa @="Volume"
pjP:CX�MV# wZjvnwkM� [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
+��iw �Hkm @="Human Interface Devices"
i�+�tW/ 2} 
