作者deathson (小米)
看板C_Chat
標題Fw: [情報] BZ官方警告有新的木馬程式
時間Fri Jan 3 12:11:40 2014
※ [本文轉錄自 WOW 看板 #1InZVEQi ] 作者: deathson (小米) 看板: WOW 標題: [情報] BZ官方警告有新的木馬程式 時間: Fri Jan 3 12:08:42 2014 原始連結:
http://us.battle.net/wow/en/forum/topic/11041384892 這次比較棘手的是這連用了驗證器的帳號也會中招 這個木馬似乎會及時攔截帳號資訊及驗證碼並且回傳 如果電腦裡面有 Disker rundll32.exe c:\users\name\appdata\local\temp\w_win.dll,dw Name-PC\Name Startup Disker64 rundll32.exe c:\users\name\appdata\local\temp\w_64.dll,dw Name-PC\Name Startup 這兩個檔案的話就是中木馬了 BZ官方現在還不知道哪些防毒程式有能力處理這東西. 如果有中的話, 請將下列資訊傳給BZ MSInfo 所使用的Addon(UI) 最近所安裝的程式以及其取得來源 任何防護程式跑出來的結果 -=-= Hello, We've been receiving reports regarding a dangerous Trojan that is being used to compromise player's accounts even if they are using an authenticator for protection. The Trojan acts in real time to do this by stealing both your account information and the authenticator password at the time you enter them. If your account has been compromised recently, I'd recommend looking for the Trojan. It can be identified by creating an MSInfo file and then looking in the Startup Program section of that file for either "Disker" or "Disker64". It will usually appear like this: Disker rundll32.exe c:\users\name\appdata\local\temp\w_win.dll,dw Name-PC\Name Startup Disker64 rundll32.exe c:\users\name\appdata\local\temp\w_64.dll,dw Name-PC\Name Startup We are currently looking for more information on the Trojan. We have not been able to locate any anti-virus programs that will remove it besides just reformatting your system. If you have been recently compromised and find it on your system please reply with the following pieces of information. Your MSInfo. A list of any addons you recently installed along with where you got them. A list of any programs you recently installed along with where you got them. Any security programs you have run and their results. --
這次的資訊比較嚴肅所以不塞簽名檔了... --
※ 發信站: 批踢踢實業坊(ptt.cc) ◆ From: 71.131.178.96
※ 發信站: 批踢踢實業坊(ptt.cc) ※ 轉錄者: deathson (71.131.178.96), 時間: 01/03/2014 12:11:40
→ deathson:轉過來是因為有其他遊戲也有可能中招._. 01/03 12:11
推 bladesinger:是萌米(咬 01/03 12:13
This entry passed through the Full-Text RSS service — if this is your content and you're reading it on someone else's site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.
留言列表
留言列表
