Get an Epic Experience with Premium

Virus Warning

Unfortunately there is another rash of virus attacks via WoW AddOn websites. This time the culprits have struck WoWinterface, but thankfully this issue was taken care of fairly quickly on their end. Slouken posted a warning about the issue and Cairenn -- the WoWI Administrator -- created a thread, alerting everyone of the known file versions that are trojans. She's also provided a great recap of steps to take if you've been infected by this trojan, so please be sure to take a look at the thread -- especially if you use auto updater programs to download your AddOns from your favorite websites.

We'd like to echo what Slouken says in his post: do not download an AddOn package that contains an executable file of any type; if you absolutely must, be sure the source is trusted beforehand.

In response to this, we here at Curse are going to be putting our executable acceptance on lockdown temporarily until this situation is under better control. We apologize in advance for any delays this places on everyone's packages being available on the website, but ensuring the safety of players who visit Curse is our top priority when it comes to executable files.


  • #1

    My way
    * Finish visiting websites
    * Tools->Internet Options->View Files
    * CTRL+A->Shift+Delete->Ok(Yes)
    * Run PC Tools Spyware Doctor->Intelligent Scan
    * Run McAfee Virusscan -> Quick Scan

    Go to sleep
    * Run full scan on both

    Hardly any viruses visiting my computer.

    ps: Get WoWAce's auto updater. Hit the refresh button every morning and night and you always find an update to install. Can also use Incgamer's autoupdater along with it and Curse's too.

    I use all three since they have different packages I get.

  • #2

    To watch the network traffic it'd have to install some kind of driver though (unless you already have something like winpcap running, which is doubtful for anyone...ermm..."uninformed" enough to install a keylogger/sniffer. What that basically means is if you try to install any addons that then pop up a box telling you it's not approved by microsoft yada yada with a Stop and Continue Anyway button, STOP!

  • #3

    you can get Norton Anti-Virus from the Google Pack, a free version of Mcafee from AOL at

    I personaly use Kaspersky.

    My advice if you got keylogger, trojan or virus -> reinstall windows.
    The best part of virus is the one that people know. The new generation of virus are somewhat hard to completly remove since they call home and do customized stuff that anti-virus won't always clean properly.

    Good luck! volounteer Moderator

  • #4

    I use a banking system with a secondary form of identification. Any transfers to non-approved destinations require you to enter a number that is sent to my phone via SMS. The worst an attacker could do with my banking password is transfer all my money to my saving account and leave me overdrawn on the primary account. Or paying their bill with a well known biller, thus leaving a very visible trail back to them. Not something I'd like to happen, but something that I can fairly easily recover from.

    Also, re: Stringbean23, a number of WoW password grabbers now work on the network traffic, not as a key logger directly. So it doesn't matter how you enter your password, it's still getting stolen. The basic problem is that an attacker has exactly the same privileges as the WoW client (and thus server). If the WoW client can identify itself to the server, the attacker can capture the credentials used. This is a problem with no good solution, save perhaps "get a mac." Oh, and do your porn browsing in a virtual machine that you reset after you've wiped off.

  • #5

    So any key loggers will have an even easier task as getting your password?
    Not a smart move, is it?

    The password will also reside in the buffer, so if that gets read out there's a second way of getting your password.

  • #6

    what i do is i have my pass word typed out in a notepad and before i open WoW up i copy the pass word and then open up wow and when it get to teh log in screen i paste my pass word with teh short cut ctrl +v.

  • #7

    Heres a few programmes that you guys might want to try if you think you may have been infected. - Free anti virus - Spybot search and destroy - Ad-aware 2007

    These are just incase any of you just have a firewall, but if you just have a anti virus, be sure to download the ad-aware and spybot. Hope no-one uploaded those pesky virus' to this site

  • #8

    And out come the warnings of "Change your WoW password ASAP". If you got landed with a keylogger you'd best change ALL your passwords - don't know about you but I'd be buggered if someone got into my online banking account ;p

    I read someplace a few months back that a WoW user/pass is actually worth more on the black market than a cc number these days - scary thought. What's the answer though? The more secure you try to make things, the more complicated and troublesome they become. Classic example is banks that request several letters from a "memorable word" rather than (or in addition to) entering an entire password. Anyone trying to keylog it would have to piece it together bit by bit over a long period of time, but it'd be a right ass having to do that on every login :(

  • To post a comment, please login or register a new account.
Login to Curse

Don't have an account? Create One.

Get an epic experience with Curse Premium
  • Faster addon downloads
  • Premium-Only Beta Giveaways
  • Ad-Free Curse experience
  • Premium Curse Client
  • and many More Features
  • Learn More »

Star Trek Online Wiki Editing Contest