CurrentVersion\Run\"Microsoft File Server Manager 2.36" =
    "C:\WINDOWSvsystem32\filesrv32.exe"HKEY_LOCAL_M
    ACHINE\SOFrW ARE\M icrosoft\Windows\Cuirent VersionX
    RunVHeiku - Munist" =
    "C;\WINDOWSvsystem32\EraleuH.exe"
    Tiếp theo nó sẽ làm mất tính năng registry tools and the
    folder options in Explorer:
    •HKEY_LOCAL_MACHINEsSOFTWARE\Microsoft\Windo
    ws\CurrentVersion\policies\Explorei\"NoFolderOptions" = "1"
    •HKEY_CURRENT_USER\Ì)ftware\Microsoft\Windows\C
    urrentVersion\Policies\System\"DisableRegistryTools" = "1"
    •HKEY_LOCAL_MACHINE\SOFTWAR^Classes\Director
    y\DefaultIcon\”(default)" =
    "C:\WINDOWSSsystem32\filesrv32.exe"
    •HKEY_LOCAL_MACHINEVSOFTWARE\Microsoft\Wind
    ows\CuưentVersion\"IeakHelpString" = "I will always be
    with you, Huelar!"
    •HKEY_CURRENT_USER\Software\Microsoft\Internet
    ExplorerVEnableHeikus" = "1"
    •HKEY_CURRENT_USER\Software\Microsoft\Internet
    ExpIorerVInstallDate" = "1/15/2008"
    •HKEY_CURRENT_USER\Software\Microsoft\Internet
    Explorer\Main\"Window Title" = "Freak-X Browser"
    Tự động khởi tạo vào regedit những khóa sau
    •HKEY_CURRENT_USER\Software\Microsoft\Internet
    Explorer\Main\"Local Page" =
    "[http://]www.hentaisailormoon.com[REMOVED]"
    •HKEY_CURRENT_USERNSoftware\Microsoft\Internet
    Explorer\Main\"Start Page" =
    "[http://]www.hentaisailormoon.com[REMOVED]"
    •HKEY_CURRENT_USER\Software\Microsoft\Windows\C



                                227