Page 216 - Tự Khắc Phục Máy Tính Khi Bị Vi Rút Tấn Công

P. 216

492528769-500\Software\Microsoft\Windows
\CuưentVersion\Run\"winmgmt" =
"%SystemDrive%\wmiprvse.exe"
HKEY_LOCAL_MACHINESSOFTWARE\Microsoft\Win
dows NT\CuưentVersion\Winlogori\"Shell" =
"Explorer.exe %SystemDrive%\spoolsv32.exe"
HKEY_LOCAL_MACHINE^SY^EM\ControlSet001\Ser
vices\TrkWks\"ImagePath" =
"%SystemDrive%\s poolsv32.exe"
HKEY_LOCAL_MACHINE^YSTEM\ControlSet001\Ser
vices\TrkWks\"ImagePath" =
"%SystemDrive%\spoolsv32.exe"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\TrkWks\"ImagePath" =
"%SystemDrive%\spooIsv32.exe"

5. Khôi phục lại các giá trị được ghi trong Registry sau;
HKEY_LOCAL_MACHINE^YSTEM\ControlSet001\Co
ntroIVServiceCuưent" = "11"
HKEY_LOCAL_MACHINE\SYSrTEM\ControlSet001\Ser
vices\TrkWks\"Type" = "10"
HKEY_LOCAL_MACHINE^SYSrTEM\CurrentControlSet\
ControI\"ServiceCuưent" = " 11"
HKEY_LOCAL_MACHlNEVSYSTEM\CurrentControlSet\
Services\TrkWks\"Type" = "10"
HKEY_USER^-1 -5-21-1961063573-973683775-
492528769-500\Software\Microsoft\Windows
\CurrentVersion\Explorei\Advanced\"ShowSuperHidden" = "0"
HKEY_USERS\S-1-5-21-1961063573-973683775-
492528769-500\Software\Microsoft\Windows
\CurrentVersion\Policies\Explorer\"NoDriveTypeAutoRun
" = "B5"
6. Thoát khỏi Registry.

216

211 212 213 214 215 216 217 218 219 220 221