
Wowcraft.e

Posted: June 28, 2011

Wowcraft.e is a Trojan that specializes in stealing passwords from World of Warcraft accounts. Although Wowcraft.e is an old threat, it may still be able to attack recent versions of Windows, and it has been confirmed to attack Windows up to version XP. Compromised World of Warcraft accounts are typically used for illegal activities that may cause the account to be banned. Even if they are not banned, these accounts may lose all in-game property or be used to gain access to other personal information. Even if you don't play World of Warcraft, Wowcraft.e is a serious compromise of your PC's security, but Warcraft players should be especially attentive about removing Wowcraft.e with the help of anti-virus software.

Wowcraft.e: An Aging but Still Powerful Password Thief

Most Wowcraft.e infections were reported in 2006 when Wowcraft.e first surfaced. Since that time, Wowcraft.e hasn't received any notable updates and may be a minimal threat to PCs running the latest versions of Windows. However, Wowcraft.e may still be active in the wild and a potential threat to Windows computers, particularly any PC running Windows XP, Me, NT, 98, 95 or 2000.

A Wowcraft.e attack begins with Wowcraft.e creating files in your Windows folder, followed by altering the Registry so that these files launch when Windows starts. The Registry exploitation continues when Wowcraft.e uses the Windows Registry to find the location of World of Warcraft configuration files. Once Wowcraft.e has the installation location for the game, Wowcraft.e will try to steal your account login information - both password and user name.

Why You Don't Want Wowcraft.e's Grubby Hands on Your WoW Characters

A game account that is compromised by Wowcraft.e can suffer the following consequences:

  • Losing all in-game items, money or even entire characters. If you can re-access your account after eliminating Wowcraft.e, you may be able to request that these negative changes be reverted.
  • Having your account used for illegal activities. Most compromised World of Warcraft accounts are used to gather in-game currency with unauthorized bots or to spam currency-selling messages and links to harmful websites.
  • Having your account banned due to the above activities. Bans may be reverted at the discretion of World of Warcraft authorities, but a reversal of a ban that was caused by a Wowcraft.e infection is never guaranteed.

The main infection vector for Wowcraft.e is malicious websites that sell in-game money for real money, or links sent out by Wowcraft.e-compromised accounts. To avoid any possible Wowcraft.e infection vector, never purchase in-game currency or perform other actions that violate World of Warcraft's Terms of Service.

You should remove Wowcraft.e by using an advanced anti-malware application. Deleting Wowcraft.e files manually may result in Wowcraft.e remaining on your computer or cause other problems.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 svch0st.exe
    2 wow.dll

Registry Modifications

  • The following Registry values were newly created:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunPdate
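
The check below is an added example, not code from this page or from any vendor tool. It audits the text output of `reg query` for the Run key, flagging the two file names listed above and, going slightly beyond the page, any digit-for-letter look-alike of a genuine Windows binary. The reference list of system binaries and the sample Run-key entries are assumptions constructed for illustration.

```python
import re

# File names this page lists under "File System Modifications".
PAGE_FILENAMES = {"svch0st.exe", "wow.dll"}
# Assumption: a small reference set of genuine Windows binaries, for look-alike checks.
SYSTEM_BINARIES = {"svchost.exe", "explorer.exe", "lsass.exe", "winlogon.exe", "rundll32.exe"}

# Fold characters that are easily confused so "svch0st" and "svchost" compare equal.
FOLD = str.maketrans("01i", "oll")

def fold(name):
    return name.lower().translate(FOLD)

FOLDED_SYSTEM = {fold(n): n for n in SYSTEM_BINARIES}

# One value line of `reg query` output: name, type and data separated by four spaces.
ENTRY = re.compile(r"^\s+(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")
# Base name of every .exe/.dll mentioned in the command line, including DLL arguments.
MODULE = re.compile(r'[^\s",\\/]+\.(?:exe|dll)\b', re.IGNORECASE)

def audit_run_key(reg_output):
    """Return (value name, module, reasons) for each suspicious autostart module."""
    findings = []
    for line in reg_output.splitlines():
        entry = ENTRY.match(line)
        if not entry:
            continue  # key header or blank line
        for module in MODULE.findall(entry["data"]):
            base, reasons = module.lower(), []
            if base in PAGE_FILENAMES:
                reasons.append("file name listed on this page")
            original = FOLDED_SYSTEM.get(fold(base))
            if original and base != original:
                reasons.append("look-alike of " + original)
            if reasons:
                findings.append((entry["name"], base, reasons))
    return findings

# Constructed sample: the value names and command lines are invented for illustration.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    ExampleA    REG_SZ    C:\WINDOWS\svch0st.exe
    ExampleB    REG_SZ    rundll32.exe C:\WINDOWS\wow.dll,Entry
"""

if __name__ == "__main__":
    for name, module, reasons in audit_run_key(SAMPLE):
        print(f"{name}: {module} ({'; '.join(reasons)})")
```

A file-name match is only a lead: confirm any hit with an anti-malware scan before removing anything, since unrelated software can reuse a name such as wow.dll.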