aprire il registro backup.reg di avenger

[Deifobe]

esegui avenger e ripeti lo script:

files to delete:
C:\WINDOWS\system32\divxdrv32.exe
C:\WINDOWS\system32\apibsc32.dll
C:\WINDOWS\system32\apisc32.dll
C:\WINDOWS\LSPRN.EXE
C:\WINDOWS\iexplore.html
C:\WINDOWS\divxapi32.dll
C:\DOCUME~1\PROPRI~1\IMPOST~1\Temp\lac97inf.sys

registry values to delete:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run | Printer Driver

registry keys to delete:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\xxyyaBrP
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{CF044A01-A915-4F10-8BC7-1B2FF98A3982}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{D36D8911-16C6-4116-94E7-F6A0BB38BED8}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{D7AD8E4F-9C40-43AB-9518-FD855D396B3A}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{FED247FD-59E7-4C3B-8C52-0BBFEEECC7AD}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{5CCC064E-82EB-4E90-9E1A-9835F1B403B0}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{24E9519B-3F70-429B-99BC-4B2B49B96F66}
HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\lac97inf
HKEY_LOCAL_MACHINE\system\controlset001\services\l ac97inf
HKEY_LOCAL_MACHINE\system\controlset002\services\l ac97inf

clicca su execute


dopo il riavvio, apri un file di testo txt e copiaci dentro:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
"EnableFirewall"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"EnableFirewall"=dword:00000001

salvalo come:
nome: modifica.reg
tipo di file: tutti i file
eseguilo e accentta le modifiche al registro