"Stalker" virus (known as Dsound.dll, Ddraw.dll virus). February 1, "stalkers" began to spread, firmly occupy the first place in the virus rankings. "Stalkers" to infect Windows system files Dsound.dll, Ddraw.dll as a springboard, bypassing anti-virus software and online gaming protection system. Once an infected system file is loaded into memory by a network game, "stalkers" will load a variety of popular games stolen Trojan Horse (characterized by the extension of DRV), the theft of "Tianlong eight", "sword nets three", "QQ Dungeon Warriors" and other popular online games account number. At the same time, will also make the game in the process of frequent card machine.
"Stalker" camouflage system files to steal online account
Since 2009, Trojans infected with system files have become a new trend. The appearance of the "stalker" means that the online stolen industry further refine the division of labor, you can bypass the security software and online protection to create a stand-alone virus. In the past, Trojans in order to invade the online games, must be loaded in the startup item, so the security software can be checked by the start to find out whether there is a Trojan horse into the system. And like "sneak" this through infected Dsound and DDraw files, and the Trojan loaded into the game situation, can bypass most of the security software detection. This is why the "stalker" has not been found by the mainstream of the soft spot.
List of online games that may be stolen by the "stalker":
"Tianlong Eight"
"Swordsman Love Network Version 3"
"Chibi"
"QQ Three Kingdoms"
"QQ Huaxia"
"Magic Field" and other dozens of online games.
List of repairable system files: Explorer.exe,explorer.exe,d3d8.dll,rpcss.dll,olepro32.dll,d3d8thk.dll,wsock32.dll,comdlg32.dll, D3d9.dll,lpk.dll,kernel32.dll,ksuser.dll,urlmon.dll,npptools.dll,rundll32.exe,comres.dll,imm32.dll,usp10.dll, MIDIMAP.DLL,DINPUT8.DLL,USERENV.DLL,,EXPLORER.EXE,CONIME.EXE,MSVCRT.DLL,DBGHELP.DLL,D3D8THK. Dll,netbios. Sys,msvcr71.dll,msimg32.dll,userinit.exe,explorer.exe,sensapi.dll
Characteristics of virus poisoning
The most notable feature is the generation of dc+ random numbers of. exe viruses in the c:recycled directory. The virus can be cleared but will be generated over time (generate time to be verified) The current solution is not needed to note that the virus in each disk generated recycled files disguised as the Recycle Bin Cheat Antivirus Trust It's best to reload to achieve the destruction.