Win32.Sector (WIN32.Sality)
Win32.Sector (WIN32.Sality) - Datei - Virus infiziert EXE-nicks Systemdienste avtoazgruzku und biegen , dass der Benutzer uns häufig Versuchen)
Symptome Win32.Sector (WIN32.Sality)
1. lock "Task - Manager" taskmgr.exe ist und Editor regedit Registry
(Beim Versuch zu laufen - Fenster fällt angeblich blockiert Sysadmin)
2. Der Virus erzeugt einen verrückten Verkehr (wird ständig das Netzwerk ping)
3. wenn Sie versuchen, programmatisch die Netzwerkverbindung deaktivieren (!) - System perezagruzhaetsya / blyuskrin
4. Wenn Sie versuchen , in "Safe Mode" zu booten (!) - Blyuskrin
5. die gesamte Software zusätzlich zu den Anti-Virus - Software ordnungsgemäß funktioniert,
6. wenn Sie versuchen , eine Anti-Virus zu laufen (!) - Sie sofort zakryvayutsya
7. Sperrung des Zugangs zu Webseiten von Antiviren-Unternehmen
8. Wenn es 28.682 dann der erste Sektor beim Booten alle Gerätetreiber fliegt (in "Dispechtere Geräte" vor der Drüsen - gelbes Ausrufezeichen: "pokotsali Treiber und nicht in den RAM geladen werden kann ..." und als Ergebnis - funktioniert nicht Netzwerk oder yusb, 800x600 Auflösung, 8 - Bit)
Werkzeuge für die Behandlung Win32.Sector (WIN32.Sality)
- WinPE auf der CD / USB (Sie müssen überprüfen Sie alle Dateien aus anderen Systemen)
- Dr.Web CureIt unbedingt relevant (sprich: frisch) Datenbanken
- Trojan Remover (zuerst behandeln die infizierte EXE - Datei Web - Browsing, dann fertig machen remuverom)
- AVZ oder reg-Dateien (benötigt , um die Blockierung Richtlinie zu entfernen)
- Installations - CD distributive OS (müssen das SIS zu überprüfen , um die Integrität der Dateien zu erhalten.)
Benutzer Win32.Sector Behandlung (WIN32.Sality)
1. Sie müssen sofort das Netzkabel aus dem Computer ziehen
(Weil , wenn Sie versuchen, programmatisch auf das Netzwerk durch die "Netzwerkverbindungen" zu deaktivieren Virus wird neu gestartet , das Betriebssystem ")
2. Unlocker und installieren Process Explorer, führen Process Explorer und Carina 5-7 Stücke prosesov cmd
3. Um den Zugriff auf die aktuellen juzverej SystemVolumeInformation Ordner geben, entriegeln sie und Unlocker`om Kiel
4. Netto Benutzer Tempo (Start -> Ausführen ->% temp% [Enter] )
5. Reinigen Sie den Ordner IE temporäre Dateien (C: \ Dokumente und Einstellungen \ imya_uchetki \ Lokale Einstellungen \ Temporary Internet Files)
6. Neustart, Georgia mit layvSD WinPE und laufen CureIT
(Erfordert einen vollständigen Scan aller Dateien die meisten von ihnen -. Zapusknoe Dateien Prog Antivir heilen)
7. nach der Behandlung - wird im normalen Modus versendet (Secure dosih gesperrt "links" Tasten in reeestre) und prüft Trojan Remover `th
8. Stellen Sie das Testdateien , die Integrität von Windows zu halten (Start -> Ausführen -> sfc / scannow)
* Unvergessliche Feed sidyuk CD mit distributiven
9. dann das System neu starten, sauber reesr (CCleaner / RegOrganizer / head + regedit)
10. anwenden Registrierung zwickt die "Seite" des Virus efekt zu beseitigen:
restore_taskmgr.reg
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Currentversion \ Policies \ System]
"DisableTaskMgr" = dword: 0
[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Currentversion \ Policies \ System]
"DisableTaskMgr" = dword: 0
restore_regedit.reg
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Currentversion \ Policies \ System]
"DisableRegistryTools" = dword: 0
[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Currentversion \ Policies \ System]
"DisableRegistryTools" = dword: 0
restore_hidden.reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Currentversion \ Explorer \ Advanced \ Folder \ Versteckte]
"Text" = "@ shell32.dll, -30499"
"Type" = "Gruppe"
"Bitmap" = hex (2): 25,00,53,00,79,00,73,00,74,00,65,00,6d, 00,52,00,6f, 00,6f, 00,74 \
00,25,00,5c, 00,73,00,79,00,73,00,74,00,65,00,6d, 00,33,00,32,00,5c, 00,53,00, \
48,00,45,00,4c, 00,4c, 00,33,00,32,00,2e, 00,64,00,6c, 00,6c, 00,2c, 00,34,00,00, \
00
"HelpID" = "shell.hlp # 51131"
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Currentversion \ Explorer \ Advanced \ Folder \ Versteckte \ NOHIDDEN]
"RegPath" = "Software \\ Microsoft \\ Windows-\\ Current \\ Explorer \\ Erweitert"
"Text" = "@ shell32.dll, -30501"
"Type" = "radio"
"CheckedValue" = dword: 00000002
"Valuename" = "Versteckt"
"Default" = dword: 00000002
"HKeyRoot" = dword: 80000001
"HelpID" = "shell.hlp # 51104"
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Currentversion \ Explorer \ Advanced \ Folder \ Versteckte \ SHOWALL]
"RegPath" = "Software \\ Microsoft \\ Windows-\\ Current \\ Explorer \\ Erweitert"
"Text" = "@ shell32.dll, -30500"
"Type" = "radio"
"CheckedValue" = dword: 00000001
"Valuename" = "Versteckt"
"Default" = dword: 00000002
"HKeyRoot" = dword: 80000001
"HelpID" = "shell.hlp # 51105"
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Currentversion \ Explorer \ Advanced \ Folder \ Versteckte]
"Text" = "@ shell32.dll, -30499"
"Type" = "Gruppe"
"Bitmap" = hex (2): 25,00,53,00,79,00,73,00,74,00,65,00,6d, 00,52,00,6f, 00,6f, 00,74 \
00,25,00,5c, 00,73,00,79,00,73,00,74,00,65,00,6d, 00,33,00,32,00,5c, 00,53,00, \
48,00,45,00,4c, 00,4c, 00,33,00,32,00,2e, 00,64,00,6c, 00,6c, 00,2c, 00,34,00,00, \
00
"HelpID" = "shell.hlp # 51131"
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Currentversion \ Explorer \ Advanced \ Folder \ Versteckte \ NOHIDDEN]
"RegPath" = "Software \\ Microsoft \\ Windows-\\ Current \\ Explorer \\ Erweitert"
"Text" = "@ shell32.dll, -30501"
"Type" = "radio"
"CheckedValue" = dword: 00000002
"Valuename" = "Versteckt"
"Default" = dword: 00000002
"HKeyRoot" = dword: 80000001
"HelpID" = "shell.hlp # 51104"
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Currentversion \ Explorer \ Advanced \ Folder \ Versteckte \ SHOWALL]
"RegPath" = "Software \\ Microsoft \\ Windows-\\ Current \\ Explorer \\ Erweitert"
"Text" = "@ shell32.dll, -30500"
"Type" = "radio"
"CheckedValue" = dword: 00000001
"Valuename" = "Versteckt"
"Default" = dword: 00000002
"HKeyRoot" = dword: 80000001
"HelpID" = "shell.hlp # 51105"
restore_safe_mod.reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot]
"AlternateShell" = "cmd.exe"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal]
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ AppMgmt]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ Base]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ Boot Bus Extender]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ Boot-Dateisystem]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ CryptSvc]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ DCOMLAUNCH]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ dmadmin]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ dmboot.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ Dmio.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ dmload.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ dmserver]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ EventLog]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ File System]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ Filter]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ helpsvc]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ Netlogon]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ PCI Configuration]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ Plugplay]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ PNP Filter]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ Primary Disk]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ RpcSs]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ SCSI Klasse]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ Sermouse.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ sr.sys]
@ = "FSFilter System Recovery"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ SRService]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ System Bus Extender]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ vga.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ vgasave.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ WinMgmt]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ {36FC9E60-C465-11CF-8.056-444.553.540.000}]
@ = "Universal Serial Bus Controller"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ {4D36E965-E325-11CE-BFC1-08002BE10318}]
@ = "CD-ROM-Laufwerk"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ {4D36E967-E325-11CE-BFC1-08002BE10318}]
@ = "Diskdrive"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ {4D36E969-E325-11CE-BFC1-08002BE10318}]
@ = "Standard Floppy-Disk-Controller"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ {4D36E96A-E325-11CE-BFC1-08002BE10318}]
@ = "Hdc"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ {4D36E96B-E325-11CE-BFC1-08002BE10318}]
@ = "Keyboard"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ {4D36E96F-E325-11CE-BFC1-08002BE10318}]
@ = "Maus"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ {4D36E977-E325-11CE-BFC1-08002BE10318}]
@ = "PCMCIA-Adapter"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ {4D36E97B-E325-11CE-BFC1-08002BE10318}]
@ = "SCSIAdapter"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ {4D36E97D-E325-11CE-BFC1-08002BE10318}]
@ = "System"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ {4D36E980-E325-11CE-BFC1-08002BE10318}]
@ = "Diskettenlaufwerk"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ {71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@ = "Volume"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Minimal \ {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@ = "Human Interface Devices"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network]
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ AFD]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ AppMgmt]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Base]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Boot Bus Extender]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Boot-Dateisystem]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Browser]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ CryptSvc]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ DCOMLAUNCH]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Dhcp]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ dmadmin]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ dmboot.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Dmio.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ dmload.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ dmserver]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ DnsCache]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ EventLog]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ File System]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Filter]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ helpsvc]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ ip6fw.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Ipnat.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ LanmanServer]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ LanmanWorkstation]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ LmHosts]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Messenger]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ NDIS]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ NDIS-Wrapper]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ NDISUIO]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ NetBIOS]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ NetBIOSGroup]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ NetBT]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ NetDDEGroup]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Netlogon]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ NetMan]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Network]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Network]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ nm]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ nm.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ NtLmSsp]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ PCI Configuration]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Plugplay]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ PNP Filter]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ PNP_TDI]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Primary Disk]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ rdpcdd.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ rdpdd.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Rdpwd.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ rdsessmgr]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ RpcSs]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ SCSI Klasse]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Sermouse.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Sharedaccess]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ sr.sys]
@ = "FSFilter System Recovery"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ SRService]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Streams Drivers]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ System Bus Extender]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Tcpip]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ TDI]
@ = "Driver Group"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ tdpipe.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ tdtcp.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ Termservice]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ vga.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ vgasave.sys]
@ = "Driver"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ WinMgmt]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ WZCSVC]
@ = "Service"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {36FC9E60-C465-11CF-8056-444.553.540.000}]
@ = "Universal Serial Bus Controller"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {4D36E965-E325-11CE-BFC1-08002BE10318}]
@ = "CD-ROM-Laufwerk"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {4D36E967-E325-11CE-BFC1-08002BE10318}]
@ = "Diskdrive"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {4D36E969-E325-11CE-BFC1-08002BE10318}]
@ = "Standard Floppy-Disk-Controller"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {4D36E96A-E325-11CE-BFC1-08002BE10318}]
@ = "Hdc"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {4D36E96B-E325-11CE-BFC1-08002BE10318}]
@ = "Keyboard"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {4D36E96F-E325-11CE-BFC1-08002BE10318}]
@ = "Maus"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {4D36E972-E325-11CE-BFC1-08002BE10318}]
@ = "Net"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {4D36E973-E325-11CE-BFC1-08002BE10318}]
@ = "NetClient"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {4D36E974-E325-11CE-BFC1-08002BE10318}]
@ = "NetService"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {4D36E975-E325-11CE-BFC1-08002BE10318}]
@ = "NetTrans"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {4D36E977-E325-11CE-BFC1-08002BE10318}]
@ = "PCMCIA-Adapter"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {4D36E97B-E325-11CE-BFC1-08002BE10318}]
@ = "SCSIAdapter"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {4D36E97D-E325-11CE-BFC1-08002BE10318}]
@ = "System"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {4D36E980-E325-11CE-BFC1-08002BE10318}]
@ = "Diskettenlaufwerk"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@ = "Volume"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Safeboot \ Network \ {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@ = "Human Interface Devices"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Lsa]
"Authentication Packages" = hex (7): 6d, 00,73,00,76,00,31,00,5f, 00,30,00,00,00,00, \
00
11. Put in den normalen Schutz (Antivir mit topischen Basen + Firewall + Anti-Spyware)
Kommentare
im Auge kommentierte halten , dass der Inhalt und der Ton Ihrer Nachrichten , die Gefühle von echten Menschen verletzen können, Respekt und Toleranz gegenüber seinen Gesprächspartnern, auch wenn Sie Ihr Verhalten in Bezug auf die Meinungsfreiheit und die Anonymität des Internets, ändert ihre Meinung nicht teilen, nicht nur virtuell, sondern realen Welt. Alle Kommentare werden aus dem Index, Spam - Kontrolle versteckt.