Blue Tracker
World of Warcraft Blue Posts
Diablo II: Resurrected Blue Posts
Diablo III Blue Posts
Hearthstone Blue Posts
Overwatch Blue Posts
Heroes of the Storm Blue Posts
Diablo IV Blue Posts
BlizzCon Blue Posts
Warcraft Rumble Blue Posts

[FAQ] Keylogger Protection

Forum Avatar
Skee
#0 - Nov. 19, 2007, 8:12 p.m.
Blizzard Post
UPDATE:19/11/2007 - Added Content ( Tricks)
UPDATE:20/11/2007 - Added Browser Security Scanning
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Welcome To my Keylogger Protection Topic, created to help inform and fight against keyloggers!

1: What are keyloggers?

Keylogger's are programs that are written for the sole purpose of infecting *one's* computer so as to steal accounts. The Keylogger's works by infecting the part of Windows that identifies your keyboard and the buttons you press, and from there it keeps note of what you type , so Whenever you open WoW.exe (For example) , the keyloggers *writes down* your account and password and sends it to the creator.

2: Thats so mean! How do i fight back?

Fighting Back to an infection of a keylogger is both , easy and hard. Its easy to locate it since it "injects" into your system as to manipulate and *keep an eye* in what you type, 24/7. Anti-Virus, Anti-Spyware and Registry scanning programs are able to find the infection and delete it / modify it . Now the hard part is, not being Paranoid. After you have scanned your computer ,you can't rest assured that it's gone , because there is a possibility that the keylogger is still in your computer, and instead of working , it's just disabled until you stop the scanning.

3: Hmm everytime i enter a topic that involves a link to a .cn domain , there are people shouting " Keylogger! ". why is that?

Thats due to the fact that , the majority of sites that promote keylogging computers, are Chinese, but let's not forget that also American/European sites exist that try to lure people into installing a keylogger, so its not only the Chinese, just the majority.

4: Ok i get it ,but how do i avoid infection? A Simple way to be *Keylogger-Free* for the rest of your life, is to avoid visiting the Forums of WoW , but thats too hard,especially when you play a game that involves community or you have Questions regarding the Game.Another way,is to completely ignore the Gold-Selling/ Powerleveling Websites that all those * Level 1 characters with names like CJCdCJEH promise" . Chance of getting infected is 99.5% when visiting those websites.


5: How do you know all this?
Firstly i would like to state that in my 3,5 years of playing World of Warcraft , i have only gotten infected by a keylogger once, and that was recently due to my own mistake.It was late night and i was reading the forums,and clicked at a link from a .com domain , but it had a keylogger inside.If my mind serves me right ,it was called " PWStealer" , so to prevent others from the thing i faced,i decided to write a topic about keyloggers!.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Suggestions


1: Use Firefox and stop using Internet Explorer. Really, its an internet browser that is made out of win ,while IE is easy to manipulate due to its Bug loops, that keylogging sites can/ and will use to install one to your computer.

2: Install BlockSite , an Firefox addon ( https://addons.mozilla.org/en-US/firefox/addon/3145 ).

Blocksite prevents certain domains from loading and its very easy to configure. For example,to prevent all ".cn " domains, you enter " *.cn " in the Blacklist. The symbol " * " means that Blocklist will block all sites that are .cn .

3: Install KeyScrambler . (https://addons.mozilla.org/en-US/firefox/addon/3383) .

KeyScrambler encrypts whatever you type in Websites ,although it doesn't work while in Games , but it helps in General when accessing Websites that are not protected.

4: No Script! ( https://addons.mozilla.org/en-US/firefox/addon/722 ) Whoever doesn't use that , is really missing out a lot!

Noscript is one of the addons on the internet, that makes website browsing safe! It Disables all scripts on the site you visit, thus disabling all Viruses,spyware and keyloggers entering infecting your computer through Flash/Scripts.

5: WOT (https://addons.mozilla.org/en-US/firefox/addon/3456)

Wot protects you from Phishing Websites through *Ratting" given by the visitors. If you want to be safer,you can enable an option that, upon entering a dangerous website,it will change the whole page's color to Red and State that its dangerous! (It wont let you Enter).

Fortifications::

1) AntiVirus
2)Firewall
3)Safe internet browser (as stated above)
4)Logic aka *Using Brain properly*.
5)Registry Optimizer
6)Keylogging Tricks! (Must Read)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1) People tend to think that Keyloggers are plain scripts writen to Keep account of what is being typed under special events. For example, under the event of me, the owner , opening WoW. Thats when the keylogger will start to function and until then it stays out of sight(Undetected).That happends due to the keyloggers wanting only your Account and password , instead of your MSN account or hotmail.(in the case of WoW), But lets not forget that since it infects and its malicious,then it falls in the Virus/Malware category. Hence the "WoWpw.backdoor" ,"PWstealer.trojan32" etc. So don't go looking for Anti Keylogger programs when you can use some Proper Anti Virus software.

Remember just because a Anti Virus software is made by a very well known company/ or is expensive,doesn't mean its Good and effective.

Norton which is known for Good Antivirus programs has failed me a lot of times, and my System is up to date with everything.And its not only me,ask around the internet, people are starting to use other Anti Virus products that are far more Effective.

AVG is an antivirus that is just as effective as others,and you can use the free edition.The only think that is lacks, is the Good looking UI,but we dont want that,we want it to find the keylogger!

-http://free.grisoft.com/

If you prefer to use products from well known companies,then Panda,Norton and Macafee are for you!

- http://www.pandasecurity.com
- http://www.mcafee.com/
- http://www.symantec.com/

2) Keyloggers are also seen as spyware since it steals documents/ keeps an eye for things it shouldn't.
One of the best is Spybot Search and Destroy, hands down!Make sure its always Updated!

-http://www.safer-networking.org/en/index.html

3)Browsers are all above. :)

4) Using your brain when searching and surfing the net,and the WoW Forums is very important,actually by using it all the time and staying in alarm, you will avoid all the dodgy links like the <insert wierd keylogging site>

5) ASO, also known as Advanced System Optimizer by Systweak, is a program that does everything! It can scan your registry for modifications/flaws, scan your system for malware and even repair/delete junk,its very useful and by using ASO you can find changed registry data that has to do with the keylogger.

- http://www.systweak.com

6) Last but not least, the *tricks of the trade*.

a)Never Ever click on links that redirect. The links that redirect have the word "redir" in the Url.

b)Do not trust links from Tìny Url . That site takes the original url and names makes it smaller, but the thing is,that you don't know the original name of the site. The site could be one that has keyloggers.

c) Don't log onto World of Warcraft forums that dont start/ dont have to do with " wow-europe.com, worldofwarcraft.com" and the others ones of the other countries! Sites like
http://000.000.0000.00post.html?forumId=10001&postId=16400481355&op=2&sid=1 should not be trusted.(The website that has been posted isn't a true/valid one and it doesn't lead anywhere. Common sense since its all consisted of Zeros ( 0 ) instead of an IP. So In before the *Keylogger* statement)
But do keep in mind,that sometimes the cache bugs and instead of showing "wow-europe",it will show an IP when logging to the Warcraft forums.Many people call those sites *phishing sites* but it may just be your PCs fault. To be sure before clicking, insert the IP in the following site ( http://www.arin.net/whois/ ) . If its Blizzards website, it will say so " Blizzard Entertainment etc".


Browser Security Scanning: It has been proven that by having IE with enabled active X, even without using IE , makes your system vulnerable so disabling and adjusting options that have to do with 3rd programs and Active X is a must. This website offers that kind of service. When you start the Test it find security Flaws and lets you know how to fix them. Recommended!

-http://www.jasons-toolbox.com/BrowserSecurity/


I hope that i have been of help in this Topic of mine. I would like to see this topic turn into a sicky,so if you liked it please take the time of reporting it as a sticky.

This guide was writen as a sole purpose to inform and help out victims of Keyloggers.

Kind Regards, Skee.
Forum Avatar
Vaneras
#1 - Nov. 19, 2007, 8:30 p.m.
Blizzard Post
This is a very nice post Skee... great work :-)

I am sure that this thread will be of help to many people.

Since PC security is quite an important topic in general, I would like to mention this sticky thread that is already touching the subject of 'safening' up:
http://forums.wow-europe.com/thread.html?topicId=273198555&sid=1