I. ការអធិប្បាយ
ចាប់ផ្តើមឆ្លងនៅ: ថ្ងៃទី ០4 ខែ 03 ឆ្នាំ 2009 វេលាម៉ោង 6:36:09 AM
ឈ្មោះមេរោគ:
W32.SillyFDC.BAY
ជាប្រភេទមេរោគ: Worm
ជាប្រភេទមេរោគ: Worm
កំរិតគ្រោះថ្នាក់: មធ្យម
ទំហំ: 49,023 bytes
វាធ្វើអោយខូចខាងប្រព័ន្ធ: Windows XP, Windows Vista,
Windows Server 2003, Windows 2000។
II. របៀបសម្លាប់មេរោគ
- ចុចលើ Start + Run
- វាយសរសេរ Regedit
- ចុចជ្រើសរើសយក OK
- រកមើលតម្លៃរួចហើយលប់ចោលនៅក្នុង Registry
- ចុចលើ Start + Run
- វាយសរសេរ Regedit
- ចុចជ្រើសរើសយក OK
- រកមើលតម្លៃរួចហើយលប់ចោលនៅក្នុង Registry
វាបំផ្លាញធ្វើអោយខូចខាងប្រព័ន្ធ: Windows 98, Windows 95, Windows XP, Windows Me,
Windows Vista, Windows NT, Windows Server 2003, Windows 2000 ។
ការណែនាំប្រើប្រាស់កម្មវិធី
Symantec ដើម្បីចាប់មេរោគដែលជាផលិតផលរបស់ Norton។
- លោកអ្នកផ្តាច់ប្រព័ន្ធ System Restore (Windows Me/XP)
- លោកអ្នកផ្តាច់ប្រព័ន្ធ System Restore (Windows Me/XP)
- រកមើលកម្មវិធីថ្មី និងមាន file update
- Scan ក្នុង Drive ទាំងអស់ក្នុងកុំព្យូទ័ត
- លប់តម្លៃដែលនៅជាប់ក្នុង Registry
II. របៀបកំចាប់មេរោគ
- ចុចលើ Start + Run
- វាយសរសេរ Regedit
- ចុចជ្រើសរើសយក OK
- រកមើលតម្លៃរួចហើយលប់ចោលនៅក្នុង Registry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Image File Execution Options\360Safe.exe\"Debugger"
= "ntsd -d"- Scan ក្នុង Drive ទាំងអស់ក្នុងកុំព្យូទ័ត
- លប់តម្លៃដែលនៅជាប់ក្នុង Registry
II. របៀបកំចាប់មេរោគ
- ចុចលើ Start + Run
- វាយសរសេរ Regedit
- ចុចជ្រើសរើសយក OK
- រកមើលតម្លៃរួចហើយលប់ចោលនៅក្នុង Registry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360hotfix.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safebox.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AntiArp.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AppSvc32.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AutoGuarder.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FTCleanerShell.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FileDsty.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IsHelp.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSetup.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KISLnchr.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMFilter.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMailMon.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32X.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFWSvc.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRepair.COM\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVCenter.kxp\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.kxp\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP_1.kxp\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVScan.kxp\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVStub.kxp\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch9x.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatchX.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KaScrScn.SCR\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KsLoader.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvDetect.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvReport.kxp\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP.kxp\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP_1.kxp\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvfwMcl.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MagicSet.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVSetup.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFW.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFWLiveUpdate.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QHSET.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RSTray.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ras.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rav.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavCopy.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMon.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMonD.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStore.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavTask.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegClean.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RfwMain.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsAgent.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsMain.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rsaupd.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SREng.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SREngPS.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ScanFrm.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SmartUp.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysSafe.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Syscheck2.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ToolsUp.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.kxp\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanDetector.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Trojanwall.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UIHost.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAgent.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAttachment.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxCfg.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxFwHlp.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxPol.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpLive.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WoptiClean.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adam.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\arvmon.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoruns.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrssvc.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.com\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\findt2005.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iparmo.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\isPwdSvc.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kabaload.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\killhidepid.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvfw.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvol.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvolself.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvupload.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvwsc.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\loaddll.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcconsol.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmqczj.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32kui.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravt08.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwProxy.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwcfg.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwolusr.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsnetsvr.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runiep.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safebank.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxTray.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safelive.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shcfg32.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smartassistant.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\syscheck.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zxsweep.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\????????.exe\"Debugger" = "ntsd -d"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"xSafe" = "%ProgramFiles%\Common Files\xSafe.exe"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DOGKILLER\"NextInstance" = "1"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DOGKILLER\0000\"Class" = "LegacyDriver"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DOGKILLER\0000\"ClassGUID" = "{8ECC055D-047F-11D1-A537-0000F8753ED1}"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DOGKILLER\0000\"ConfigFlags" = "0"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DOGKILLER\0000\"DeviceDesc" = "DogKiller"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DOGKILLER\0000\"Legacy" = "1"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DOGKILLER\0000\"Service" = "DogKiller"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SRSKL\"NextInstance" = "1"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SRSKL\0000\"Class" = "LegacyDriver"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SRSKL\0000\"ClassGUID" = "{8ECC055D-047F-11D1-A537-0000F8753ED1}"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SRSKL\0000\"ConfigFlags" = "0"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SRSKL\0000\"DeviceDesc" = "srskl"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SRSKL\0000\"Legacy" = "1"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SRSKL\0000\"Service" = "srskl"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DogKiller\"DisplayName" = "DogKiller"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DogKiller\"ErrorControl" = "0"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DogKiller\"ImagePath" = "\??\%UserProfile%\LOCALS~1\Temp\~dwphx.tmp"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DogKiller\"Start" = "3"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DogKiller\"Type" = "1"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DogKiller\Security\"Security" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srskl\"DisplayName" = "srskl"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srskl\"ErrorControl" = "0"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srskl\"ImagePath" = "\??\%Windir%\Fonts\srskl.fon"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srskl\"Start" = "3"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srskl\"Type" = "1"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srskl\Security\"Security" = "[BINARY DATA]"
បញ្ចូលតម្លៃថ្មីឡើងវិញ
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify\"PastIconsStream" = "[BINARY DATA]"
HKEY_LOCAL_MACHINE\SOFTWARE\360Safe\safemon\"ARPAccess" = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\360Safe\safemon\"ExecAccess" = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\360Safe\safemon\"IEProtAccess" = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\360Safe\safemon\"LeakShowed" = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\360Safe\safemon\"MonAccess" = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\360Safe\safemon\"SiteAccess" = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\360Safe\safemon\"UDiskAccess" = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\360Safe\safemon\"weeken" = "0"
- បិទ Registry ចាកចេញពី Windows
Post a Comment