游戏王gx汉化版:LOADHW.EXE杀完就没什么碍了吧??

后门-CYP 木马，运行在客户端

Backdoor-CYP is a Trojan that when installed, runs silently, no GUI screen or other message boxes appear.

CYP后门特洛依木马安装以后，运行时，不会出现其它的任何信息。

It immediately removes itself from the location where it was run from. It moves itself to the %windows\%system directory, for example on a win2000 system:

当它运行时，自已不会从本地机器上清除，在2000操作系统下，你可以在以下的目录中找到如下的文件：

c:\winnt\system32\loadhw.exe
To automatically load itself at system startup it creates the registry entry:

当开机自动运行时，会在注册表中产生以下的键值：

hklm\software\microsoft\windows\currentversion\runonce "dwMyTest," with data:
c:\winnt\system32\loadhw.exe
同时也会同样的目录下下载一个DLL文件，文件名为：MSITINIT。DLL，文件长度约为120。8K，D
It also drops a .dll file called "msitinit.dll" (filesize 120.832) into the same directory:
c:\winnt\system32\msitinit.dll

同时也会在同样的目录下，下载另外一个叫NPF.SYS的设备文件，文件长度约为39K

It may also drop a file called npf.sys (filesize 39.952) into the %windows\%system\drivers directory, however this is a regular file.

更多的信息，可以在MCAFEE网站中找到！