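@echo off
REM ---------------------------------------------------------------------------
REM W32/Sality.y registry repair.
REM
REM Resets the registry settings listed below to the values this script
REM considers clean. It only edits the registry: it removes no files and stops
REM no processes, so it belongs after disinfection, not instead of it.
REM NOTE(review): if the infection is still active it can presumably reapply
REM these settings - confirm the host is clean before trusting the result.
REM
REM Requirements: an administrator (elevated) command prompt. The HKLM writes
REM fail without it, and the script then reports the failure at the end.
REM
REM Changes compared with the one-command-per-run original:
REM  - reg.exe is started by its full path under SystemRoot\System32, so a
REM    file named reg.exe in the current directory or earlier on PATH is never
REM    executed on a host that may still be compromised.
REM  - every ADD uses /f, matching the first ADD commands, so a re-run on a
REM    partly intact system does not stop at an overwrite prompt per value.
REM  - failed ADDs are recorded and reported instead of always printing
REM    "cleaning done".
REM ---------------------------------------------------------------------------
setlocal
set "REPAIR_FAILED="
set "REG_EXE=%SystemRoot%\System32\reg.exe"

echo *** W32/Sality.y Registry Repair ***

if not exist "%REG_EXE%" (
    echo -ERROR: "%REG_EXE%" not found, nothing was changed.
    pause
    goto :eof
)

echo -cleaning Registry...

REM --- Per-user policy locks -------------------------------------------------
REM Remove the policy values that block Registry Editor and Task Manager.
REM DELETE results are not tracked: an error here normally just means the
REM value was not present.
"%REG_EXE%" DELETE HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system /v DisableRegistryTools /f
"%REG_EXE%" DELETE HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system /v DisableTaskMgr /f

REM --- Security Center notifications and overrides ---------------------------
REM Set the notification-suppress and override flags back to 0.
call :RegAdd "HKLM\SOFTWARE\Microsoft\Security Center" /v AntiVirusDisableNotify /t REG_DWORD /d 00000000
call :RegAdd "HKLM\SOFTWARE\Microsoft\Security Center" /v FirewallDisableNotify /t REG_DWORD /d 00000000
call :RegAdd "HKLM\SOFTWARE\Microsoft\Security Center" /v UpdatesDisableNotify /t REG_DWORD /d 00000000
call :RegAdd "HKLM\SOFTWARE\Microsoft\Security Center" /v AntiVirusOverride /t REG_DWORD /d 00000000
call :RegAdd "HKLM\SOFTWARE\Microsoft\Security Center" /v FirewallOverride /t REG_DWORD /d 00000000
"%REG_EXE%" DELETE "HKLM\SOFTWARE\Microsoft\Security Center" /v UacDisableNotify /f
REM NOTE(review): this removes the whole Svc subkey, not single values.
REM Confirm that nothing legitimate is stored there on the target OS version.
"%REG_EXE%" DELETE "HKLM\SOFTWARE\Microsoft\Security Center\Svc" /f

REM --- Internet Settings and UAC ---------------------------------------------
"%REG_EXE%" DELETE "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v GlobalUserOffline /f
REM NOTE(review): EnableLUA is deleted, not set to 1. Verify after the next
REM reboot that UAC is actually enabled on the repaired host.
"%REG_EXE%" DELETE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system /v EnableLUA /f

REM --- Driver service key ----------------------------------------------------
REM The service name is hard-coded. NOTE(review): an infection registered under
REM a different name is not touched by this line - review the Services key for
REM unknown kernel drivers as a separate step.
"%REG_EXE%" DELETE HKLM\SYSTEM\CurrentControlSet\Services\abp470n5 /f

REM --- Safe Mode: shell ------------------------------------------------------
REM AlternateShell is the shell started by "Safe Mode with Command Prompt".
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot" /v AlternateShell /d cmd.exe

REM --- Safe Mode: SafeBoot\Minimal -------------------------------------------
REM Recreates the key and the default value of each listed subkey.
REM NOTE(review): the list is fixed and looks like a Windows XP era set of
REM services and drivers - confirm it matches the OS being repaired.
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys" /ve /d "FSFilter System Recovery"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}" /ve /d "Universal Serial Bus controllers"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}" /ve /d "CD-ROM Drive"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}" /ve /d DiskDrive
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}" /ve /d "Standard floppy disk controller"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}" /ve /d Hdc
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}" /ve /d Keyboard
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}" /ve /d Mouse
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}" /ve /d "PCMCIA Adapters"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}" /ve /d SCSIAdapter
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}" /ve /d System
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}" /ve /d "Floppy disk drive"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}" /ve /d "Volume shadow copy"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}" /ve /d Volume
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}" /ve /d "Human Interface Devices"

REM --- Safe Mode: SafeBoot\Network -------------------------------------------
REM Same repair for "Safe Mode with Networking". The entry list is kept exactly
REM as in the original script, including the entries it has and Minimal lacks.
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmadmin" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmboot.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmio.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmload.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmserver" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ip6fw.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NtLmSsp" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpcdd.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpdd.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpwd.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sharedaccess" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sr.sys" /ve /d "FSFilter System Recovery"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SRService" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI" /ve /d "Driver Group"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdpipe.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdtcp.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\termservice" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys" /ve /d Driver
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WZCSVC" /ve /d Service
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}" /ve /d "Universal Serial Bus controllers"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}" /ve /d "CD-ROM Drive"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}" /ve /d DiskDrive
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}" /ve /d "Standard floppy disk controller"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}" /ve /d Hdc
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}" /ve /d Keyboard
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}" /ve /d Mouse
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}" /ve /d Net
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}" /ve /d NetClient
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}" /ve /d NetService
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}" /ve /d NetTrans
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}" /ve /d "PCMCIA Adapters"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}" /ve /d SCSIAdapter
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}" /ve /d System
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}" /ve /d "Floppy disk drive"
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}" /ve /d Volume
call :RegAdd "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}" /ve /d "Human Interface Devices"

REM --- Result ----------------------------------------------------------------
REM Report success only when every ADD succeeded; a run without administrator
REM rights would otherwise look like a completed repair.
if defined REPAIR_FAILED (
    echo -cleaning finished with errors: at least one registry write failed.
    echo -re-run from an administrator command prompt and check the output above.
) else (
    echo -cleaning done.
)
pause
goto :eof

REM ---------------------------------------------------------------------------
REM :RegAdd  key [reg ADD options]
REM Runs "reg ADD" with the given arguments plus /f (overwrite without prompt)
REM and records a failure in REPAIR_FAILED. Arguments are passed through
REM unchanged, so quoted key names and data keep their quotes.
REM ---------------------------------------------------------------------------
:RegAdd
"%REG_EXE%" ADD %* /f
if errorlevel 1 set "REPAIR_FAILED=1"
goto :eof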