环保设施管理:启动项中的KPFW32什么意思呀?

来源:百度文库 编辑:中科新闻网 时间:2024/03/29 14:07:21

金山网镖里的程序
也有可能是一种恶性儒虫病毒。详细情况:http://www.qiuy.com/diannao/books/software/security/index01/052.htm

是金山毒霸的程序,肯定是你电脑上装了毒霸或是金山防火墙,这个随电脑启动开始运行,保护你的系统,是有用的,不要删除。

是这防火墙程序,要保留的

恶性蠕虫-"赛舍"(Worm.Zezer)分析报告

"AVPTC32.EXE"

"AVPUPD.EXE"

"AVSCHED32.EXE"

"AVWIN95.EXE"

"AVWUPD32.EXE"

"BLACKD.EXE"

"BLACKICE.EXE"

"CCAPP.EXE"

"CFIADMIN.EXE"

"ESAFE.EXE"

"CFIAUDIT.EXE"

"CFIND.EXE"

"CFINET.EXE"

"CFINET32.EXE"

"CLAW95.EXE"

"CLAW95CF.EXE"

"CLAW95CT.EXE"

"CLEANER.EXE"

"CLEANER3.EXE"

"DV95.EXE"

"DV95_O.EXE"

"DVP95.EXE"

"DVP95_0.EXE"

"ECENGINE.EXE"

"EFINET32.EXE"

"ESPWATCH.EXE"

"F-AGNT95.EXE"

"FINDVIRU.EXE"

"FPROT.EXE"

"F-PROT.EXE"

"FPROT95.EXE"

"F-PROT95.EXE"

"FP-WIN.EXE"

"FRW.EXE"

"F-STOPW.EXE"

"IAMAPP.EXE"

"IAMSERV.EXE"

"IBMASN.EXE"

"IBMAVSP.EXE"

"ICLOAD95.EXE"

"ICLOADNT.EXE"

"ICMON.EXE"

"ICMOON.EXE"

"ICSSUPPNT.EXE"

"ICSUPP95.EXE"

"ICSUPPNT.EXE"

"IFACE.EXE"

"IOMON98.EXE"

"JED.EXE"

"JEDI.EXE"

"KPF.EXE"

"KPFW32.EXE"

"LOCKDOWN2000.EXE"

"LOOKOUT.EXE"

"LUALL.EXE"

"MOOLIVE.EXE"

"MPFTRAY.EXE"

"N32SCAN.EXE"

"N32SCANW.EXE"

"NAVAPW32.EXE"

"NAVLU32.EXE"

"NAVNT.EXE"

"NAVSCHED.EXE"

"NAVW.EXE"

"NAVW32.EXE"

"NAVWNT.EXE"

"NISUM.EXE"

"NMAIN.EXE"

"NORMIST.EXE"

"NUPGRADE.EXE"

"NVC95.EXE"

"OUTPOST.EXE"

"PADMIN.EXE"

"PAVCL.EXE"

"PAVSCHED.EXE"

"PAVW.EXE"

"PCCWIN98.EXE"

"PCFWALLICON.EXE"

"PERSFW.EXE"

"RAV7.EXE"

"RAV7WIN.EXE"

"RESCUE.EXE"

"SAFEWEB.EXE"

"SCAN32.EXE"

"SCAN95.EXE"

"SCANPM.EXE"

"SCRSCAN.EXE"

"SERV95.EXE"

"SMC.EXE"

"SPHINX.EXE"

"SWEEP95.EXE"

"TBSCAN.EXE"

"TCA.EXE"

"TDS2-98.EXE"

"TDS2-NT.EXE"

"VCONTROL.EXE"

"VET32.EXE"

"VET95.EXE"

"VET98.EXE"

"VETTRAY.EXE"

"VSCAN40.EXE"

"VSECOMR.EXE"

"VSHWIN32.EXE"

"VSSCAN40.EXE"

"VSSTAT.EXE"

"WEBSCN.EXE"

"WEBSCANX.EXE"

"WFINDV32.EXE"

"ZAPRO.EXE"

"ZONEALARM.EXE"

发帖时间:2006-5-8 13:41:51
作者:coolbo 编辑 删除 引用 第3楼
7、利用系统网络设置来偷取存储于系统中的帐号及密码

解决方案:

1、不要相信微软发送的补丁邮件,微软是不会以邮件方式发送补丁程序的,请使用Windows Update进行补丁升级;

2、为防止该病毒的入侵请尽快升级毒霸到最新,10月9日病毒库可处理该病毒;

3、手工清除方法:

对于WIN9X用户可以在纯DOS模式下删除以下病毒文件:

%WindowsRoot%\Mscsgs.exe、

%WindowsRoot%\System\Mscsgs32.exe、

%WindowsRoot%\Msn_inst.exe、

启动目录\msnexec.exe

对于Win2000/WinXP用户,请使用进程管理器结束名为:“Mscsgs.exe、Mcsgs32.exe、Msn_inst.exe、msnexec.exe”的进程,然后删除以下文件:

%WindowsRoot%\Mscsgs.exe、

%WindowsRoot%\System\Mscsgs32.exe、

%WindowsRoot%\Msn_inst.exe、

启动目录\msnexec.exe

请下载金山毒霸的注册表修复工具( http://www.duba.net/download/3/8.shtml ),回恢对系统功能的限制,然后删除病毒在注册表中添加的项目:

HKEY_LOCAL_MACHINESoftware\Microsoft\Windows\CurrentVersion\Run\ Mscsgs "%WindowsRoot%\Mscsgs.exe"

HKEY_LOCAL_MACHINESoftware\Microsoft\Windows\CurrentVersion\ RunServices "%WindowsRoot%\SYSTEM\Mscsgs32.exe"

HKEY_CURRENT_USER\Software\Zed\Dozer\ Dozer "W32/Dozer by Zed"

HKEY_CURRENT_USER\Software\Zed\Dozer\MSNContacts

最后,将保存在系统中的密码都修改一次。比如:MSN的登录密码,某些网站的登录密码、邮箱的登录密码等等。