Cách diệt W32.Ackantta F@mm

Thứ bảy - 10/10/2009 00:18

Cách diệt W32.Ackantta F@mm

I)Mô Tả
Phát hiện: 30 tháng 06 năm 2009
Cập nhật: 30 tháng 06 năm 2009 7:20:56 AM
Kiểu : Worm (Sâu)
Kích thước: Theo kiểu giá trị
Hệ thống bị ảnh hưởng : Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Vista, Windows XP
Những chỉ dẫn sau đây gắn liền với mọi sản phẩm diệt virut của Symantec hiện thời và gần đây, bao gồm chương trình diệt virut Symantec và những sản phẩm dịêt virus của Norton
1 Tắt chế độ System Restore (Windows Me/XP)
2 Cập nhật chương trình diệt virus mới
3 Scan toàn bộ hệ thống
4 Xoá các giá trị được ghi vào Registry
II)Cách diệt
1 Click Start > Run
2 Đánh Regedit
3 Click chọn OK
4 Tìm và xoá các giá trị được ghi vào Registry

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\"Windows Audio Services" = "%Windir%\jvm.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"SunJavaUpdateSched10" = "%System%\jushed.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"Windows Audio Services" = "%Windir%\jvm.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{151B67MA-E28T-45KF-0O30-8801XS8WIF5J}\"StubPath" = "\"%Windir%\jvm.exe\""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\"%System%\jushed.exe" = "%System%\jushed.exe:*:Enabled:Explorer"
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\"[RANDOM LETTERS]" = "1"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNET[RANDOM LETTERS]\"group" = "file system"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNET[RANDOM LETTERS]\"imagepath" = "%System%\drivers\SKYNETasnaosip.sys"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNET[RANDOM LETTERS]\"start" = "1"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNET[RANDOM LETTERS]\"type" = "1"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNET[RANDOM LETTERS]\main\"aid" = "10120"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNET[RANDOM LETTERS]\main\"sid" = "0"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNET[RANDOM LETTERS]\main\injector\"*" = "SKYNETwsp.dll"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNET[RANDOM LETTERS]\modules\"SKYNET.dat" = "%System%\SKYNEThbqelxil.dat"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNET[RANDOM LETTERS]\modules\"SKYNETcmd.dll" = "%System%\SKYNET[RANDOM LETTERS].dll"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNET[RANDOM LETTERS]\modules\"SKYNETlog.dat" = "%System%\SKYNET[RANDOM LETTERS].dat"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNET[RANDOM LETTERS]\modules\"SKYNETrk.sys" = "%System%\drivers\SKYNET[RANDOM LETTERS].sys"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SKYNET[RANDOM LETTERS]\modules\"SKYNETwsp.dll" = "%System%\SKYNET[RANDOM LETTERS].dll"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\"java6kernel" = "06"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\"sun6micro" = "30"
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\"(Default)" = "[RANDOM LETTERS]"ư
5 Khôi phục lại các giá trị mặc định sau
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\"ProxyEnable" = "0"
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\"DefaultConnectionSettings" = "[BINARY DATA]"
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\"SavedLegacySettings" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0048F8D37B153F6EA2798C323EF4F318A5624A9E\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\00EA522C8A9C06AA3ECCE0B4FA6CDC21D92E8099\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0483ED3399AC3608058722EDBC5E4600E3BEF9D7\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\049811056AFE9FD0F5BE01685AACE6A5D1C4454C\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0B77BEBBCB7AA24705DECC0FBD6A02FC7ABD9B52\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\1331F48A5DA8E01DAACA1BB0C17044ACFEF755BB\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\1F55E8839BAC30728BE7108EDE7B0BB0D3298224\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\209900B63D955728140CD13622D8C687A4EB0085\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\216B2A29E62A00CE820146D8244141B92511B279\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\23E594945195F2414803B4D564D2A3A3F5D88B8C\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\24A40A1F573643A67F0A4B0749F6A22BF28ABB6B\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\24BA6D6C8A5B5837A48DB5FAE919EA675C94D217\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\273EE12457FDC4F90C55E82B56167F62F532E547\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\284F55C41A1A7A3F8328D4C262FB376ED6096F24\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2F173F7DE99667AFA57AF80AA2D1B12FAC830338\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\36863563FD5128C7BEA6F005CFE9B43668086CCE\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\394FF6850B06BE52E51856CC10E180E882B385CC\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\3F85F2BB4A62B0B58BE1614ABB0D4631B4BEF8BA\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4072BA31FEC351438480F62E6CB95508461EAB2F\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\40E78C1D523D1CD9954FAC1A1AB3BD3CBAA15BFC\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\43DDB1FFF3B49B73831407F6BC8B975023D07C50\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\43F9B110D5BAFD48225231B0D0082B372FEF9A54\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4463C531D7CCC1006794612BB656D3BF8257846F\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\47AFB915CDA26D82467B97FA42914468726138DD\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4B421F7515F6AE8A6ECEF97F6982A400A4D9224E\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4BA7B9DDD68788E12FF852E1A024204BF286A8F6\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4C95A9902ABE0777CED18D6ACCC3372D2748381E\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EF2E6670AC9B5091FE06BE0E5483EAAD6BA32D9\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFCED9C6BDD0C985CA3C7D253063C5BE6FC620C\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4F65566336DB6598581D584A596C87934D5F2AB4\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\54F9C163759F19045121A319F64C2D0555B7E073\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\58119F0E128287EA50FDD987456F4F78DCFAD6D4\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5B4E0EC28EBD8292A51782241281AD9FEEDD4E4C\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5D989CDB159611365165641B560FDBEA2AC23EF1\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5E5A168867BFFF00987D0B1DC2AB466C4264F956\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5E997CA5945AAB75FFD14804A974BF2AE1DFE7E1\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\627F8D7827656399D27D7F9044C9FEB3F33EFA9A\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\6372C49DA9FFF051B8B5C7D4E5AAE30384024B9C\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\6782AAE0EDEEE21A5839D3C0CD14680A4F60142A\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\67EB337B684CEB0EC2B0760AB488278CDD9597DD\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\687EC17E0602E3CD3F7DFBD7E28D57A0199A3F44\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\688B6EB807E8EDA5C7B17C4393D0795F0FAE155F\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\68ED18B309CD5291C0D3357C1D1141BF883866B1\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\69BD8CF49CD300FB592E1793CA556AF3ECAA35FB\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\6A174570A916FBE84453EED3D070A1D8DA442829\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\720FC15DDC27D456D098FABF3CDD78D31EF5A8DA\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\74207441729CDD92EC7931D823108DC28192E2BB\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\742C3192E607E424EB4549542BE1BBC53E6174E2\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\7639C71847E151B5C7EA01C758FBF12ABA298F7A\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\78E9DD0650624DB9CB36B50767F209B843BE15B3\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\7A74410FB0CD5C972A364B71BF031D88A6510E9E\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\7AC5FFF8DCBC5583176877073BF751735E9BD358\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\7CA04FD8064C1CAA32A37AA94375038E8DF8DDC0\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\7E784A101C8265CC2DE1F16D47B440CAD90A1945\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\81968B3AEF1CDC70F5FA3269C292A3635BD123D3\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\838E30F77FDD14AA385ED145009C0E2236494FAA\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\85371CA6E550143DCE2803471BDE3A09E8F8770F\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\85A408C09C193E5D51587DCDD61330FD8CDE37BF\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\879F4BEE05DF98583BE360D633E70D3FFE9871AF\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8EB03FC3CF7BB292866268B751223DB5103405CB\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\9078C5A28F9A4325C2A7C73813CDFE13C20F934E\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\90AEA26985FF14804C434952ECE9608477AF556F\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\90DEDE9E4C4E9F6FD88617579DD391BC65A68964\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\96974CD6B663A7184526B1D648AD815CF51E801A\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\97817950D81C9670CC34D809CF794431367EF474\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\97E2E99636A547554F838FBA38B82E74F89A830A\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\99A69BE61AFE886B4D2B82007CB854FC317E1539\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\9BACF3B664EAC5A17BED08437C72E4ACDA12F7E7\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\9E6CEB179185A29EC6060CA53E1974AF94AF59D4\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\9FC796E8F8524F863AE1496D381242105F1B78F5\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A399F76F0CBF4C9DA55E4AC24E8960984B2905B6\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A3E31E20B2E46A328520472D0CDE9523E7260C6D\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A5EC73D48C34FCBEF1005AEB85843524BBFAB727\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AB48F333DB04ABB9C072DA5B0CC1D057F0369B46\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\ACED5F6553FD25CE015F1F7A483B6A749F6178C6\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B172B1A56D95F91FE50287E14D37EA6A4463768A\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B19DD096DCD4E3E0FD676885505A672C438D4E9C\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B3EAC44776C9C81CEAF29D95B6CCA0081B67EC9D\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B5D303BF8682E152919D83F184ED05F1DCE5370C\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B6AF5BE5F878A00114C3D7FEF8C775C34CCD17B6\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B72FFF92D2CE43DE0A8D4C548C503726A81E2B93\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\BC9219DDC98E14BF1A781F6E280B04C27F902712\"Blob" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ERSVC\"NextInstance" = "1"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ERSVC\0000\"Class" = "LegacyDriver"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ERSVC\0000\"ClassGUID" = "{8ECC055D-047F-11D1-A537-0000F8753ED1}"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ERSVC\0000\"ConfigFlags" = "32"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ERSVC\0000\"DeviceDesc" = "Error Reporting Service"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ERSVC\0000\"Legacy" = "1"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ERSVC\0000\"Service" = "ERSvc"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WSCSVC\"NextInstance" = "1"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WSCSVC\0000\"Class" = "LegacyDriver"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WSCSVC\0000\"ClassGUID" = "{8ECC055D-047F-11D1-A537-0000F8753ED1}"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WSCSVC\0000\"ConfigFlags" = "32"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WSCSVC\0000\"DeviceDesc" = "Security Center"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WSCSVC\0000\"Legacy" = "1"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WSCSVC\0000\"Service" = "wscsvc"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc\"DependOnService" = "RpcSs "
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc\"Description" = "Allows error reporting for services and applictions running in non-standard environments."
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc\"DisplayName" = "Error Reporting Service"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc\"ErrorControl" = "0"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc\"ImagePath" = "%SystemRoot%\System32\svchost.exe -k netsvcs"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc\"ObjectName" = "LocalSystem"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc\"Start" = "2"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc\"Type" = "32"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc\Parameters\"ServiceDll" = "%SystemRoot%\System32\ersvc.dll"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc\Security\"Security" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\"DependOnService" = "RpcSs winmgmt "
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\"Description" = "Monitors system security settings and configurations."
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\"DisplayName" = "Security Center"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\"ErrorControl" = "1"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\"ImagePath" = "%SystemRoot%\System32\svchost.exe -k netsvcs"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\"ObjectName" = "LocalSystem"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\"Start" = "2"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\"Type" = "32"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Parameters\"ServiceDll" = "%SYSTEMROOT%\system32\wscsvc.dll"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Security\"Security" = "[BINARY DATA]"
6 Thoát khỏi Registry

Tổng số điểm của bài viết là: 0 trong 0 đánh giá

Click để đánh giá bài viết

  Ý kiến bạn đọc

Những tin mới hơn

Những tin cũ hơn

Thống kê
  • Đang truy cập1
  • Hôm nay9,941
  • Tháng hiện tại188,279
  • Tổng lượt truy cập30,437,365
DỊCH VỤ SỬA CHỮA
Bạn đã không sử dụng Site, Bấm vào đây để duy trì trạng thái đăng nhập. Thời gian chờ: 60 giây