Deny Access to the currently "popular" Warcraft account theft Trojan

Source: Internet
Author: User

Gaming players should be aware that they do not have to lose their accounts before they begin to regret

The bad guy of Warcraft account theft Trojan does not know how many gamers are hurt, so that countless game players not only lose their favorite game accounts, but also the equipment they spent money on. The crimes of Warcraft account theft are really rare. It's time to cure this crazy guy and stop it before you get into your computer.

I have noticed that the two popular Warcraft Trojan horses are of the same type.

And the key files are gdm1_2.dll, so a very simple step can make the trojan main file does not work.

Okay. Let's talk about the method:

Ensure NTFS file system

First, make sure that the file system of drive C is NTFS. The viewing method is simple. Go to the root directory of drive C and click the details on the left. If the file system is followed by NTFS, It Is NTFS, if it is FAT32, it may need to be converted. The conversion method is as follows:

Click Start in the lower-left corner of the desktop, then click Run, Enter cmd, and enter: (Convert C:/fs: ntfs). You can directly copy or input in parentheses. Then press enter to complete the conversion. Wait a moment.

Note: If a file is running on drive C, the operating system will prompt you to convert the file upon restart. When you start the system, there will be a process of checking the disk and converting the file system, please do not shut down! After that, Windows restarts automatically!

After confirming that the file system of your drive C is NTFS, let's talk about how the virus is immune. Currently, this popular method is to create a gdm1_2.dll file that is not accessible to anyone. In this way, the virus cannot be overwritten, and the file cannot be written or read. Without this important file, it is naturally impossible to steal the number. However, make sure that the gdm1_2.dll file is not in your C: WINDOWSsystem32 directory.

Okay. Now let's start with the method.

Create immune File

First, create a text document and write the following content in it:

Md C: WINDOWSsystem32gdmsi32. dll

Attrib C: WINDOWSsystem32gdmsi32. dll + s + h + r

Echo y | cacls C: WINDOWSsystem32gdmsi32. dll/d everyone

Exit

Click "file" in the upper left corner of the document and select "Save as". Enter 1.batin the file name (whatever you enter, but the suffix must be bat or cmd ), select "all files" from the drop-down menu on the right of the Save type, and then save it, but it is best to save it to the desktop for ease of searching. Find the saved location and find a 1.bat( or other bat) file. Double-click the file to run it.

Because the system is added to the file to hide the property, you cannot see it. You need to display all files and system files to see it. No problem. The file is a transparent folder named gdm1_2.dll. Can you double-click it to try it? Access denied? Congratulations!

Before this trojan variant, this method ensures that this type of Trojan is invalid.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.