美服《魔兽世界》玩家账户安全受威胁 官方尚未解决特洛伊木马

账户被盗*潜在木马
我们已经收到关于一个危险的木马报告, 用来盗取玩家账户, 即使他们使用了认证器来保护账户安全。木马在玩家输入的时候，通过盗取账户信息和身份验证密码被实时激活。
最近，如果你的账户被入侵, 我建议找到木马。它可以创建在MSInfo文件中, 然后在启动程序的文件中寻找“Disker”或“Disker64”。它通常会以下面形式出现：
Disker rundll32.exe c:\users\name\appdata\local\temp\w_win.dll,dw Name-PC\Name Startup
Disker64 rundll32.exe c:\users\name\appdata\local\temp\w_64.dll,dw Name-PC\Name Startup
我们正在寻找关于特洛伊木马的更多信息。我们还无法找到任何反病毒程序以删除它，除了重新格式化您的系统。如果你最近被盗，并在系统中找到它，请回复以下的信息。职业玩家游戏工作室论坛，为您提供游戏项目，游戏辅助，VPN,国外游戏资讯等最新信息。
你的MSInfo。
近期安装的所有插件列表以及其出处。
近期安装的所有程序列表以及其出处。
你是用的安全程序及其效果。
 

原文

Compromised accounts* Potential Trojan
Hello,
We've been receiving reports regarding a dangerous Trojan that is being used to compromise player's accounts even if they are using an authenticator for protection. The Trojan acts in real time to do this by stealing both your account information and the authenticator password at the time you enter them.
If your account has been compromised recently, I'd recommend looking for the Trojan. It can be identified by creating an MSInfo file and then looking in the Startup Program section of that file for either "Disker" or "Disker64". It will usually appear like this:
Disker rundll32.exe c:\users\name\appdata\local\temp\w_win.dll,dw Name-PC\Name Startup
Disker64 rundll32.exe c:\users\name\appdata\local\temp\w_64.dll,dw Name-PC\Name Startup
We are currently looking for more information on the Trojan. We have not been able to locate any anti-virus programs that will remove it besides just reformatting your system. If you have been recently compromised and find it on your system please reply with the following pieces of information.
Your MSInfo.
A list of any addons you recently installed along with where you got them.
A list of any programs you recently installed along with where you got them.
Any security programs you have run and their results.