\CuưentVersion\Policies\System\"DisableCMD" = "1"
               Tiếp theo nó sẽ khởi tạo vào trong Regedit và sẽ chạy cùng
               mỗi khi Windows bắt đầu khởi động.
               •HKEY_CURRENT_USER\Software\Microsoft\Windows
               \CurrentVersion\Run\"Microsoft Word" =
               "%System%\hostdll.exe"
               HKEY_LOCAL_MACHINE\SOFTWAREWIicrosoft\Win
               dows\CurrentVersion\policies\system\"DisablcRegistryTo
               ols" = 'T"
               •HKEY_CURRENT_USER\Software\Microsoft\Windows\
               CuưentVersion\Policies\System\"DisablcRegistryTools" = "1"
               •HKEY_LOCAL_MACHINESSOFTWARE\Microsoft\Wind
               ows\CuưentVersion\policies\system\"DisablcTaskMgr'' = "1"
               • H KE Y_cu R RENT_U SER\Soft ware\Microsoft\W indows
               \CuưentVersion\Policies\System\"DisablcTaskMgr" = "1"
               •HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefil
               é\"(default)" = "Eile Eolder"
               •HKEY_LOCAL_MACHINE\SOFTWAREXClasses^xefil
               e\"TileInfo" = "prop:DocComments"
               •HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefil
               e\"InfoTip" = "prop:DocComments"
               •HKEY_LOCAL_MACHINE\SOFTWARE\ClassesVegfile
               \shell\open\command\"(default)" = ”cmd.exe/c del "%1""
               •HKEY_LOCAL_MACHINE\SOFTWAREWIicrosoft\Wi
               ndows NT\CuưentVersion\"RegisteredOrganization" =
               "your System is mine"
               •HKEY_LOCAL_MACHINE\SOFTWARĐ\Microsoft\Wi
               ndows NT\CuưentVersion\"RegisteredOwner" = "your
               System is mine"
               •HKEY_LOCAL_MACHINE\SOFTWAREWIicrosoft\Wi
               ndows NT\CurrentVersion\Winlogon\'’Shell" =
               "Explorer.exe, C:\WINDOWS\system32\taskfile.exe"
               •HKEY_CURRENT_USER\Software\Microsoft\Windows
               \CurrentVersion\Explorer\Advanced\"Hidden" = "2"



                                        254