I have read that the most prevalent form of hack (for wow at least) is some sort of social engineering ... ie a "trick" website or bogus offer or look alike websites ... and the like .... just like the .org site where the OP got her executable keylogger.
The reason these things work is not because anyone is particularily stupid (after all we all fall short of perfection), but because some of these hackers are pretty smart and bank on our internet complacency (or trust if you will). As one who has had to remove malware almost every day this week (all let in by IE 8 vulnerabilities and not by running unknown downloadable software ... just by opening a web page), I can completely understand how folks can get the stuff (thanks combofix and malwarebytes and superspyware and spybot and etc. for letting me be able to clean up after myself)
I do not have a wow authenticator (as I have not figured out how they work as yet ... how do they know what code is on the server for me for a certain day or specifi login time .... lol) and so instead use a little trick I read about somewhere to help foil keyloggers (should I be blessed with one one day).
I store my password in a little text file with an innocuous name and then open that file and select and copy the password (goes to clipboard) .. close the file, then open wow and then paste the pasword in with ctrl + v so the keylogger if it exists would only get ctrl + v as a password.
I truly hate all these hacks and whatnot and feel that most of the blame for their existance is peeps who seek an unfair advantage by buying gold .... After all the only source of profit for these hacks is the stinkin gold buyers ... who by the way SUCK big time.
I got hit too but never found the culprit. The authenticator helps a ton in terms of peace of mind.
Edit to add that mmorpg.com came up blacklisted by my AV program last night because it has been a source of keylogger ads in the past 90 days. To get here and post this required that I ignore the warning. =/
I think the authenticator is one of the best things ever. I wish every game had one.
So far as getting hacked, if you play these games long enough, and particularly the ones with thriving gold sellers, you run a big chance they will get you eventually. I haven't played WoW for nine months and I still get 4 e-mails a day where they are trying to get me to open one so they can get at my account.
For people who say gold sellers don't hurt anyone, this is one of many examples where they do.
EQ1, EQ2, SWG, SWTOR, GW, GW2 CoH, CoV, FFXI, WoW, CO, War,TSW and a slew of free trials and beta tests
Asheron's Call was the last time I ever used an add-on. It was not because I had a bad experience with it but rather after I left that game I started seeing all you guys on forums complaining about getting hacked and pointing toward add-ons. I realized at that point that it was going to become popular to screw people over using add-ons so I walked away.
I don't use email clients that download emails from a server to my machine, either. That's one of the quickest ways to get a virus. I only use web based email.
"Many nights, my friend... Many nights I've put a blade to your throat while you were sleeping. Glad I never killed you, Steve. You're alright..."
I think the authenticator is one of the best things ever. I wish every game had one.
So far as getting hacked, if you play these games long enough, and particularly the ones with thriving gold sellers, you run a big chance they will get you eventually. I haven't played WoW for nine months and I still get 4 e-mails a day where they are trying to get me to open one so they can get at my account.
For people who say gold sellers don't hurt anyone, this is one of many examples where they do.
IMHO it is not the gold sellers that hurt the game(s) ... it is the gold Buyers
I think the authenticator is one of the best things ever. I wish every game had one.
So far as getting hacked, if you play these games long enough, and particularly the ones with thriving gold sellers, you run a big chance they will get you eventually. I haven't played WoW for nine months and I still get 4 e-mails a day where they are trying to get me to open one so they can get at my account.
For people who say gold sellers don't hurt anyone, this is one of many examples where they do.
IMHO it is not the gold sellers that hurt the game(s) ... it is the gold Buyers
They both hurt the game.
EQ1, EQ2, SWG, SWTOR, GW, GW2 CoH, CoV, FFXI, WoW, CO, War,TSW and a slew of free trials and beta tests
Third party programs trivialize certain aspects of the game, even if it is as simple as keeping track of your DPS, or autobuffing when your buffs wear out.
I don't use them, you shouldn't either. *Thumbs up*
Not so sound a bit uppity here but you got hacked because you did something stupid. You went to the wrong stie using an add-on not provided through more officiated and trusted channels. Even using add-ons (and note, I use them too) exposes you to potential risk. Most add-on sites don't have the same kind of security that your game provider has and as such as easy targets.
In this case it was something much more obvious. This is where common-sense internet browsing pays off. Use bookmarks, use trusted sites, validate where you are going every time you enter a URL or click a link. You got hacked because you made a mistake. And w hile I appreciate the article it feels all-to-typical human thinking in its "not my fault" approach. You wouldn't have gotten hacked had you A) not used add-ons (please note, I use them, but htis is still true) or validated what you were doing and what you were downloading or C) after realizing you downloaded the wrong thing *AND* installed you continued to load up your game.
You're right, virus checkers won't protect you from software you install at your command which is what you did here. You deliberately installed software and gave it the right to invade your machine. You even acknowledge you knew you had done this. Then went about as if nothing untoward happened.
Note to your average computer user, if you make this mistake, even if your virus checker says your machine is clean. NUKE FROM ORBIT. Literally. Format and start over. It's that simple. Sure it's a pain in the ass but in this case after realizing you installd bad juju, you shold've formated the machine and reinstalled the OS. Then you wouldn't have been hacked.
It certainly can happen to anyone, no one is safe, but this 'not my fault' mentality has to go. You learn by reccognizing your mistakes, not pointing out the mistakes of others.
There, snobbish internet security stuff said, I'm sorry you got hacked. Sucks big time. In fact a *great* article for MMORPG.com would be to investigate, throoughly, how all the major MMO makers handle this situation from a CS standpoint. It would be awesome to see what it takes for Blizzard, SOE, Frogster, Turbine, to restore accounts across their games. And how they resolve the situation. How long does it take to get your account back? How long does it take to get a full restore? How much proof do you have to have? etc. This would be a good review of their CS teams and one I'd love to read after an article like this. I'd be more interested in how you fixed your situation with Blizzard, what it took, how long from point of call to full restoe AND how you fixed the keylogger on your machine. That would be a good article.
BTW, I am a hijackthis user for several years. However I fear it's been around long enough that viruses will start finding ways to hide from it.
Sucks to get hacked. I help people who have infection problems on a daily basis and it's never easy telling people they need to call of their credit card companies and tell them their computer was infected and they need to check their recent purchases and be issued new cards.
And before someone makes a snarky comment I'm only referring to the infections/trojans/keyloggers that attempt to steal this type of information, I don't tell everyone to do the above.
Anyway, back to the quote. HijackThis only detects infections that are running, made changes to the registry, or made changes to IE/internet settings.
It's pretty limited as to what it can actually detect. Rootkits are becoming more and more of a problem and HijackThis does not detect these. In fact most internet security programs have a problem with rootkits.
I know the OP mentioned avast! (I'm guessing the free version) which is ok, but you really need some type of Internet Security software to cover detection of malware, viruses, trojans, and a firewall to monitor network traffic.
Personally I run Kaspersky Internet Security in conjuction with Malwarebytes and HijackThis.
The other thing that I do, which I recommend to all of my clients, is any time you download something onto the computer to run scans on the program before installing it. I have not had a virus actually infect my computer, ever; but I have had quite a few infected installation packages that I have downloaded over the years.
Sooo.. that's my 2c.
"There is as yet insufficient data for a meaningful answer."
Copy and paste. If you share your computer it's a bad idea to keep information in a text document, but if you don't it's good to use it. If you don't type anything, keyloggers don't see anything. It's a good just in case method.
Don't use anything in the dictionary. Dictionary hackers are very common. If you're using a word that appears in the dictionary, you'll get hacked. Period.
It's recommended that you don't use patterns on the keyboard, and that's very true in an office or public environment, but at home when you don't have the threat of someone looking over your shoulder, it's fine and can make for some very strong, but easy to remember passwords. For instance, "jmk,l.;:" is just starting with J then hitting the keys going right in an up and down fashion.
Perhaps I'm out of date, but last I heard it is strongly discouraged to run more than one of any type of automated protection (i.e. virus, malware, spyware). I've heard that they can conflict with each other if, for instance, you run two virus protection programs like McAffee and Norton at the same time.
Keep Window's System Restore off. Some malicious programs will use that feature to restore themselves even after having been taken care of.
If you have something malicious that you just can't get rid of and you need to start from scratch with a reformat, wipe your computer, turn it off and unplug it for a bit. I've encountered malicious software before that kept itself resident in RAM until Windows was reinstalled then reinserted itself back onto the hard drive. By unplugging your computer you cut the power to your volatile memory (erases itself without power) and ensure that you are starting with a completely blank slate.
There's a really big tendency to assume that being keylogged/hacked = being an idiot when it comes to computing.
It's not always the case, evidently.
Sorry to hear she got hacked but...
Thank you Malwarebytes!
And thank you for the sugestion I will give Malwarebytes a try.
Malewarebytes and cc cleaner should be in every knowledgable PC users aresonal. Both are very effective and useful programs.
Agreed, also two other free programs Asquared and Superspyhunter are good. I have found that running at least two if not three anti-malware programs instead of just relying on one is usually best. Malwarebytes is the best overall, but even it can miss things that the other two might pick up. Firefox with Noscript is good too, I dont know if it is working with Windows 7 64 bit yet though or not.
And this is the very reason I will never play another Blizzard game again. Before I played WoW I never got hacked either. Then 6 monthe into the game my account got hacked. Well when it was all said and done blizzard restored my account and sent me a free authenticator. I have deleted WoW off my comp and will never install it again. I do agree that no one is immune to getting hacked, but just like going to shady websites and picking up a keyloger or spyware installing WoW on your computer will deffenatly get you hacked sooner or later.
Well part of the key to this whole ordeal is the ADD ONS !
I do not agree with using add ons at all,and i have in the past stated that Wow is full of RMT and add on users.
You 100% do not need rmt or add ons,using those are noting but asking for trouble,and in most cases they are both boderline cheating.
I do agree it is easy to make a mistake when you come home very tired,luckily my mistakes have been me deleting a file i needed and just did not recognize when i was tired.I do always check the address bar if i am doing any kind of downloading and i have chickened out many times,if something looks suspicious.Example of things to watch are sites that claim you need to download soemthing to be able to view their page,unless it is something like adobe flash or something i know ,i am exiting that page.
The bottom line is it is always the same thing that gets people hacked,using suspicious programs with their games or RMT activity/powerleveling,visiting sites the ydo not need to visit but are probably there looking for cheats,bots ect ect.If i had my way Addons,RMT would be banned permanently as well as buying accounts,botting it is all trouble that will eventually come back on the developer who doesn't ask or need that kind of hassle.
Never forget 3 mile Island and never trust a government official or company spokesman.
2. Any downloads are recovered to a sandboxed downloads folder.
3. I scan the file(s) with a-squared whilst sandboxed.
4. I recover the files to unsandboxed downloads folder to scan again with AVG (unfortunately it won't work within the sandboxed folder, which is a pain).
5. If scans came back clean, I install.
6. I regularly scan my pc anyway just in case something slipped through.
I'm not saying it's the best method, just the one I use and seems to serve me well most of the time.
Ya it can happen to the extremely carefull. It don't matter what firewall/AV progs U use. It don't matter what paranoid habbits U take.
Blizz can fix this easy. IP logging with a verbal PW you need to phone in to access wow on any other IP than is normal. This should be a free service to keep wow players safe that you can opt for so as not to lock out variable IP's. U can't hack a phone convo, and listening to everyone's calls is a prohibitive waste of time. For the even more paranoid you can even call it in on a land line.
Not to be offensive but I still think you have to be stupid to have it happen. Clearly they didn't breach your firewall and maliciously go after you, you went to a bad site and downloaded a file from there, that is stupid.
First off I don't use third part apps for any MMO I play, never have, never will. I feel they are ridiculous and are basically cheating (in the fact that often times they give you advantages over those who don't use them). Also MMOs are easy and do not require extra assistance. But if I was going to use third party add ons, I would bookmark the sites I trust to be malware free so I didn't accidentally type something in wrong.
It truly is easy to avoid getting hacked.
It bugs me when I watch a show about how a guy got scammed into giving some Nigerian his bank account info and got robbed and he says "It can happen to anyone". No it can't because you have to be dumb to fall for one of those e-mails.
It's one thing if someone hacks into your bank and gets account information, or deliberatly picks a person and actually hacks into their computer to get the information they are looking for. Or a waiter at a restaurant steals your credit card information. Those are things that are essentially impossible to avoid and could result in a stolen identity. I can easily take pity on someone that happens to, but not someone who willing gives out the information. The same is for someone who willingly goes to a site and downloads a bad file.
This^^^
I have been gaming since 97 with UO and I have never been "hacked".
Of course I don't use chea...er 3rd party hack...er programs and that seems to be one of the biggest reasons people get "hacked". The others being the fake emails or giving info out to others.
It's simple really, play the game the way it was intended without 3rd party assistance and you don't have to worry about it. Don't fall for fake emails. Don't give your info out to anyone. Use different password/username combos for each game.
13 years of safe gaming with no issues following those simple rules.
Einherjar_LC says: WTB the true successor to UO or Asheron's Call pst!
Not to be offensive but I still think you have to be stupid to have it happen. Clearly they didn't breach your firewall and maliciously go after you, you went to a bad site and downloaded a file from there, that is stupid.
First off I don't use third part apps for any MMO I play, never have, never will. I feel they are ridiculous and are basically cheating (in the fact that often times they give you advantages over those who don't use them). Also MMOs are easy and do not require extra assistance. But if I was going to use third party add ons, I would bookmark the sites I trust to be malware free so I didn't accidentally type something in wrong.
It truly is easy to avoid getting hacked.
It bugs me when I watch a show about how a guy got scammed into giving some Nigerian his bank account info and got robbed and he says "It can happen to anyone". No it can't because you have to be dumb to fall for one of those e-mails.
It's one thing if someone hacks into your bank and gets account information, or deliberatly picks a person and actually hacks into their computer to get the information they are looking for. Or a waiter at a restaurant steals your credit card information. Those are things that are essentially impossible to avoid and could result in a stolen identity. I can easily take pity on someone that happens to, but not someone who willing gives out the information. The same is for someone who willingly goes to a site and downloads a bad file.
This^^^
I have been gaming since 97 with UO and I have never been "hacked".
Of course I don't use chea...er 3rd party hack...er programs and that seems to be one of the biggest reasons people get "hacked". The others being the fake emails or giving info out to others.
It's simple really, play the game the way it was intended without 3rd party assistance and you don't have to worry about it. Don't fall for fake emails. Don't give your info out to anyone. Use different password/username combos for each game.
13 years of safe gaming with no issues following those simple rules.
That's just it, many of us that have been hacked followed thoes rules.
We'll see U back here next year on the same side as us.
Not to be offensive but I still think you have to be stupid to have it happen. Clearly they didn't breach your firewall and maliciously go after you, you went to a bad site and downloaded a file from there, that is stupid.
First off I don't use third part apps for any MMO I play, never have, never will. I feel they are ridiculous and are basically cheating (in the fact that often times they give you advantages over those who don't use them). Also MMOs are easy and do not require extra assistance. But if I was going to use third party add ons, I would bookmark the sites I trust to be malware free so I didn't accidentally type something in wrong.
It truly is easy to avoid getting hacked.
It bugs me when I watch a show about how a guy got scammed into giving some Nigerian his bank account info and got robbed and he says "It can happen to anyone". No it can't because you have to be dumb to fall for one of those e-mails.
It's one thing if someone hacks into your bank and gets account information, or deliberatly picks a person and actually hacks into their computer to get the information they are looking for. Or a waiter at a restaurant steals your credit card information. Those are things that are essentially impossible to avoid and could result in a stolen identity. I can easily take pity on someone that happens to, but not someone who willing gives out the information. The same is for someone who willingly goes to a site and downloads a bad file.
This^^^
I have been gaming since 97 with UO and I have never been "hacked".
Of course I don't use chea...er 3rd party hack...er programs and that seems to be one of the biggest reasons people get "hacked". The others being the fake emails or giving info out to others.
It's simple really, play the game the way it was intended without 3rd party assistance and you don't have to worry about it. Don't fall for fake emails. Don't give your info out to anyone. Use different password/username combos for each game.
13 years of safe gaming with no issues following those simple rules.
Not true. You can still be hacked without using any 3rd party stuff, without buying gold or giving out your account ethier. There are programs after all which can keep guessing at a persons password.
Not to be offensive but I still think you have to be stupid to have it happen. Clearly they didn't breach your firewall and maliciously go after you, you went to a bad site and downloaded a file from there, that is stupid.
First off I don't use third part apps for any MMO I play, never have, never will. I feel they are ridiculous and are basically cheating (in the fact that often times they give you advantages over those who don't use them). Also MMOs are easy and do not require extra assistance. But if I was going to use third party add ons, I would bookmark the sites I trust to be malware free so I didn't accidentally type something in wrong.
It truly is easy to avoid getting hacked.
It bugs me when I watch a show about how a guy got scammed into giving some Nigerian his bank account info and got robbed and he says "It can happen to anyone". No it can't because you have to be dumb to fall for one of those e-mails.
It's one thing if someone hacks into your bank and gets account information, or deliberatly picks a person and actually hacks into their computer to get the information they are looking for. Or a waiter at a restaurant steals your credit card information. Those are things that are essentially impossible to avoid and could result in a stolen identity. I can easily take pity on someone that happens to, but not someone who willing gives out the information. The same is for someone who willingly goes to a site and downloads a bad file.
This^^^
I have been gaming since 97 with UO and I have never been "hacked".
Of course I don't use chea...er 3rd party hack...er programs and that seems to be one of the biggest reasons people get "hacked". The others being the fake emails or giving info out to others.
It's simple really, play the game the way it was intended without 3rd party assistance and you don't have to worry about it. Don't fall for fake emails. Don't give your info out to anyone. Use different password/username combos for each game.
13 years of safe gaming with no issues following those simple rules.
Not true. You can still be hacked without using any 3rd party stuff, without buying gold or giving out your account ethier. There are programs after all which can keep guessing at a persons password.
That is called a brute force attack, and it is a possibility but a slim one. Having your password cracked via brute force also sets up a bunch of red flags.
Again, following certain rules decreases your risk, but it still doesn't guarantee you will be 100 percent safe from getting hacked. Its like getting hit by a car... you could look both ways, and wait for the traffic lights, but no matter how cautious you are theres a chance someone might hit you.
Not to be offensive but I still think you have to be stupid to have it happen. Clearly they didn't breach your firewall and maliciously go after you, you went to a bad site and downloaded a file from there, that is stupid.
First off I don't use third part apps for any MMO I play, never have, never will. I feel they are ridiculous and are basically cheating (in the fact that often times they give you advantages over those who don't use them). Also MMOs are easy and do not require extra assistance. But if I was going to use third party add ons, I would bookmark the sites I trust to be malware free so I didn't accidentally type something in wrong.
It truly is easy to avoid getting hacked.
It bugs me when I watch a show about how a guy got scammed into giving some Nigerian his bank account info and got robbed and he says "It can happen to anyone". No it can't because you have to be dumb to fall for one of those e-mails.
It's one thing if someone hacks into your bank and gets account information, or deliberatly picks a person and actually hacks into their computer to get the information they are looking for. Or a waiter at a restaurant steals your credit card information. Those are things that are essentially impossible to avoid and could result in a stolen identity. I can easily take pity on someone that happens to, but not someone who willing gives out the information. The same is for someone who willingly goes to a site and downloads a bad file.
This^^^
I have been gaming since 97 with UO and I have never been "hacked".
Of course I don't use chea...er 3rd party hack...er programs and that seems to be one of the biggest reasons people get "hacked". The others being the fake emails or giving info out to others.
It's simple really, play the game the way it was intended without 3rd party assistance and you don't have to worry about it. Don't fall for fake emails. Don't give your info out to anyone. Use different password/username combos for each game.
13 years of safe gaming with no issues following those simple rules.
Not true. You can still be hacked without using any 3rd party stuff, without buying gold or giving out your account ethier. There are programs after all which can keep guessing at a persons password.
That is called a brute force attack, and it is a possibility but a slim one. Having your password cracked via brute force also sets up a bunch of red flags.
Again, following certain rules decreases your risk, but it still doesn't guarantee you will be 100 percent safe from getting hacked. Its like getting hit by a car... you could look both ways, and wait for the traffic lights, but no matter how cautious you are theres a chance someone might hit you.
True, but the difference between a password of: "password" and "P@$$w0rd!" is like the difference in crossing the autobahn and crossing a mountain bike trail. I just use random generated 16-24 characted passwords. It's a pain in the ass but I've learned my lesson the hard way.
Does anyone know if it is as efficient as the box tells me it is? (of course it says its super awesome and the only progrmam you need for computer saftey)
And/or what else what should I try with it?
Malwarebytes has come up a few times on this thread. Is it a free downloadable program or can I find it on a disk?
Does anyone know if it is as efficient as the box tells me it is? (of course it says its super awesome and the only progrmam you need for computer saftey)
And/or what else what should I try with it?
Malwarebytes has come up a few times on this thread. Is it a free downloadable program or can I find it on a disk?
Answers to any of that would be awesome.
malwarebyte has a free version. I am not sure if the paid version is better?
Comments
Ccleaner is great, but Ncleaner is better.
I have read that the most prevalent form of hack (for wow at least) is some sort of social engineering ... ie a "trick" website or bogus offer or look alike websites ... and the like .... just like the .org site where the OP got her executable keylogger.
The reason these things work is not because anyone is particularily stupid (after all we all fall short of perfection), but because some of these hackers are pretty smart and bank on our internet complacency (or trust if you will). As one who has had to remove malware almost every day this week (all let in by IE 8 vulnerabilities and not by running unknown downloadable software ... just by opening a web page), I can completely understand how folks can get the stuff (thanks combofix and malwarebytes and superspyware and spybot and etc. for letting me be able to clean up after myself)
I do not have a wow authenticator (as I have not figured out how they work as yet ... how do they know what code is on the server for me for a certain day or specifi login time .... lol) and so instead use a little trick I read about somewhere to help foil keyloggers (should I be blessed with one one day).
I store my password in a little text file with an innocuous name and then open that file and select and copy the password (goes to clipboard) .. close the file, then open wow and then paste the pasword in with ctrl + v so the keylogger if it exists would only get ctrl + v as a password.
I truly hate all these hacks and whatnot and feel that most of the blame for their existance is peeps who seek an unfair advantage by buying gold .... After all the only source of profit for these hacks is the stinkin gold buyers ... who by the way SUCK big time.
If Ya Ain't Dyin, Ya Ain't Tryin
Sorry you got hacked, Jaime.
I got hit too but never found the culprit. The authenticator helps a ton in terms of peace of mind.
Edit to add that mmorpg.com came up blacklisted by my AV program last night because it has been a source of keylogger ads in the past 90 days. To get here and post this required that I ignore the warning. =/
I think the authenticator is one of the best things ever. I wish every game had one.
So far as getting hacked, if you play these games long enough, and particularly the ones with thriving gold sellers, you run a big chance they will get you eventually. I haven't played WoW for nine months and I still get 4 e-mails a day where they are trying to get me to open one so they can get at my account.
For people who say gold sellers don't hurt anyone, this is one of many examples where they do.
EQ1, EQ2, SWG, SWTOR, GW, GW2 CoH, CoV, FFXI, WoW, CO, War,TSW and a slew of free trials and beta tests
Asheron's Call was the last time I ever used an add-on. It was not because I had a bad experience with it but rather after I left that game I started seeing all you guys on forums complaining about getting hacked and pointing toward add-ons. I realized at that point that it was going to become popular to screw people over using add-ons so I walked away.
I don't use email clients that download emails from a server to my machine, either. That's one of the quickest ways to get a virus. I only use web based email.
"Many nights, my friend... Many nights I've put a blade to your throat while you were sleeping. Glad I never killed you, Steve. You're alright..."
Chavez y Chavez
IMHO it is not the gold sellers that hurt the game(s) ... it is the gold Buyers
If Ya Ain't Dyin, Ya Ain't Tryin
They both hurt the game.
EQ1, EQ2, SWG, SWTOR, GW, GW2 CoH, CoV, FFXI, WoW, CO, War,TSW and a slew of free trials and beta tests
Add-ons are bad, Mkay?
Third party programs trivialize certain aspects of the game, even if it is as simple as keeping track of your DPS, or autobuffing when your buffs wear out.
I don't use them, you shouldn't either. *Thumbs up*
LoL ... yea I guess they are a kind of team .... could not have one without the other.
If Ya Ain't Dyin, Ya Ain't Tryin
Not so sound a bit uppity here but you got hacked because you did something stupid. You went to the wrong stie using an add-on not provided through more officiated and trusted channels. Even using add-ons (and note, I use them too) exposes you to potential risk. Most add-on sites don't have the same kind of security that your game provider has and as such as easy targets.
In this case it was something much more obvious. This is where common-sense internet browsing pays off. Use bookmarks, use trusted sites, validate where you are going every time you enter a URL or click a link. You got hacked because you made a mistake. And w hile I appreciate the article it feels all-to-typical human thinking in its "not my fault" approach. You wouldn't have gotten hacked had you A) not used add-ons (please note, I use them, but htis is still true) or
validated what you were doing and what you were downloading or C) after realizing you downloaded the wrong thing *AND* installed you continued to load up your game.
You're right, virus checkers won't protect you from software you install at your command which is what you did here. You deliberately installed software and gave it the right to invade your machine. You even acknowledge you knew you had done this. Then went about as if nothing untoward happened.
Note to your average computer user, if you make this mistake, even if your virus checker says your machine is clean. NUKE FROM ORBIT. Literally. Format and start over. It's that simple. Sure it's a pain in the ass but in this case after realizing you installd bad juju, you shold've formated the machine and reinstalled the OS. Then you wouldn't have been hacked.
It certainly can happen to anyone, no one is safe, but this 'not my fault' mentality has to go. You learn by reccognizing your mistakes, not pointing out the mistakes of others.
There, snobbish internet security stuff said, I'm sorry you got hacked. Sucks big time. In fact a *great* article for MMORPG.com would be to investigate, throoughly, how all the major MMO makers handle this situation from a CS standpoint. It would be awesome to see what it takes for Blizzard, SOE, Frogster, Turbine, to restore accounts across their games. And how they resolve the situation. How long does it take to get your account back? How long does it take to get a full restore? How much proof do you have to have? etc. This would be a good review of their CS teams and one I'd love to read after an article like this. I'd be more interested in how you fixed your situation with Blizzard, what it took, how long from point of call to full restoe AND how you fixed the keylogger on your machine. That would be a good article.
Sucks to get hacked. I help people who have infection problems on a daily basis and it's never easy telling people they need to call of their credit card companies and tell them their computer was infected and they need to check their recent purchases and be issued new cards.
And before someone makes a snarky comment I'm only referring to the infections/trojans/keyloggers that attempt to steal this type of information, I don't tell everyone to do the above.
Anyway, back to the quote. HijackThis only detects infections that are running, made changes to the registry, or made changes to IE/internet settings.
It's pretty limited as to what it can actually detect. Rootkits are becoming more and more of a problem and HijackThis does not detect these. In fact most internet security programs have a problem with rootkits.
I know the OP mentioned avast! (I'm guessing the free version) which is ok, but you really need some type of Internet Security software to cover detection of malware, viruses, trojans, and a firewall to monitor network traffic.
Personally I run Kaspersky Internet Security in conjuction with Malwarebytes and HijackThis.
The other thing that I do, which I recommend to all of my clients, is any time you download something onto the computer to run scans on the program before installing it. I have not had a virus actually infect my computer, ever; but I have had quite a few infected installation packages that I have downloaded over the years.
Sooo.. that's my 2c.
"There is as yet insufficient data for a meaningful answer."
Copy and paste. If you share your computer it's a bad idea to keep information in a text document, but if you don't it's good to use it. If you don't type anything, keyloggers don't see anything. It's a good just in case method.
Don't use anything in the dictionary. Dictionary hackers are very common. If you're using a word that appears in the dictionary, you'll get hacked. Period.
It's recommended that you don't use patterns on the keyboard, and that's very true in an office or public environment, but at home when you don't have the threat of someone looking over your shoulder, it's fine and can make for some very strong, but easy to remember passwords. For instance, "jmk,l.;:" is just starting with J then hitting the keys going right in an up and down fashion.
Perhaps I'm out of date, but last I heard it is strongly discouraged to run more than one of any type of automated protection (i.e. virus, malware, spyware). I've heard that they can conflict with each other if, for instance, you run two virus protection programs like McAffee and Norton at the same time.
Keep Window's System Restore off. Some malicious programs will use that feature to restore themselves even after having been taken care of.
If you have something malicious that you just can't get rid of and you need to start from scratch with a reformat, wipe your computer, turn it off and unplug it for a bit. I've encountered malicious software before that kept itself resident in RAM until Windows was reinstalled then reinserted itself back onto the hard drive. By unplugging your computer you cut the power to your volatile memory (erases itself without power) and ensure that you are starting with a completely blank slate.
Agreed, also two other free programs Asquared and Superspyhunter are good. I have found that running at least two if not three anti-malware programs instead of just relying on one is usually best. Malwarebytes is the best overall, but even it can miss things that the other two might pick up. Firefox with Noscript is good too, I dont know if it is working with Windows 7 64 bit yet though or not.
And this is the very reason I will never play another Blizzard game again. Before I played WoW I never got hacked either. Then 6 monthe into the game my account got hacked. Well when it was all said and done blizzard restored my account and sent me a free authenticator. I have deleted WoW off my comp and will never install it again. I do agree that no one is immune to getting hacked, but just like going to shady websites and picking up a keyloger or spyware installing WoW on your computer will deffenatly get you hacked sooner or later.
Sorry, you got hacked. How ever, you run games add-on EXE file. Huge mistake
MMORPG.COM has worst forum editor ever exists
Well part of the key to this whole ordeal is the ADD ONS !
I do not agree with using add ons at all,and i have in the past stated that Wow is full of RMT and add on users.
You 100% do not need rmt or add ons,using those are noting but asking for trouble,and in most cases they are both boderline cheating.
I do agree it is easy to make a mistake when you come home very tired,luckily my mistakes have been me deleting a file i needed and just did not recognize when i was tired.I do always check the address bar if i am doing any kind of downloading and i have chickened out many times,if something looks suspicious.Example of things to watch are sites that claim you need to download soemthing to be able to view their page,unless it is something like adobe flash or something i know ,i am exiting that page.
The bottom line is it is always the same thing that gets people hacked,using suspicious programs with their games or RMT activity/powerleveling,visiting sites the ydo not need to visit but are probably there looking for cheats,bots ect ect.If i had my way Addons,RMT would be banned permanently as well as buying accounts,botting it is all trouble that will eventually come back on the developer who doesn't ask or need that kind of hassle.
Never forget 3 mile Island and never trust a government official or company spokesman.
Sorry to hear about the keylogger, Jaime, and thanks for taking the time to write about the experience ^^
I use the following method to try to reduce risk of any infections:
1. I browse (I use Firefox) sandboxed using http://www.sandboxie.com/
2. Any downloads are recovered to a sandboxed downloads folder.
3. I scan the file(s) with a-squared whilst sandboxed.
4. I recover the files to unsandboxed downloads folder to scan again with AVG (unfortunately it won't work within the sandboxed folder, which is a pain).
5. If scans came back clean, I install.
6. I regularly scan my pc anyway just in case something slipped through.
I'm not saying it's the best method, just the one I use and seems to serve me well most of the time.
Ya it can happen to the extremely carefull. It don't matter what firewall/AV progs U use. It don't matter what paranoid habbits U take.
Blizz can fix this easy. IP logging with a verbal PW you need to phone in to access wow on any other IP than is normal. This should be a free service to keep wow players safe that you can opt for so as not to lock out variable IP's. U can't hack a phone convo, and listening to everyone's calls is a prohibitive waste of time. For the even more paranoid you can even call it in on a land line.
This^^^
I have been gaming since 97 with UO and I have never been "hacked".
Of course I don't use chea...er 3rd party hack...er programs and that seems to be one of the biggest reasons people get "hacked". The others being the fake emails or giving info out to others.
It's simple really, play the game the way it was intended without 3rd party assistance and you don't have to worry about it. Don't fall for fake emails. Don't give your info out to anyone. Use different password/username combos for each game.
13 years of safe gaming with no issues following those simple rules.
Einherjar_LC says: WTB the true successor to UO or Asheron's Call pst!
That's just it, many of us that have been hacked followed thoes rules.
We'll see U back here next year on the same side as us.
Not true. You can still be hacked without using any 3rd party stuff, without buying gold or giving out your account ethier. There are programs after all which can keep guessing at a persons password.
That is called a brute force attack, and it is a possibility but a slim one. Having your password cracked via brute force also sets up a bunch of red flags.
Again, following certain rules decreases your risk, but it still doesn't guarantee you will be 100 percent safe from getting hacked. Its like getting hit by a car... you could look both ways, and wait for the traffic lights, but no matter how cautious you are theres a chance someone might hit you.
True, but the difference between a password of: "password" and "P@$$w0rd!" is like the difference in crossing the autobahn and crossing a mountain bike trail. I just use random generated 16-24 characted passwords. It's a pain in the ass but I've learned my lesson the hard way.
I use 'Webroot Anti-Virus with Spy Sweeper'.
Does anyone know if it is as efficient as the box tells me it is? (of course it says its super awesome and the only progrmam you need for computer saftey)
And/or what else what should I try with it?
Malwarebytes has come up a few times on this thread. Is it a free downloadable program or can I find it on a disk?
Answers to any of that would be awesome.
malwarebyte has a free version. I am not sure if the paid version is better?