04-04-2007, 07:18 PM
I'd be very leery of any add-on that comes with an executable. I haven't heard of anything that can "break" the sandbox of LUA to allow a mod to do something outside of WoW. If such has ever happened I'd love to hear about it. That being said, there are a few add-ons that do actually have associated exe's, I believe Titan Panel does. I still wouldn't use them. I won't even use the Ace Updater.
In this case, though, the problem might very well have come from visiting the site where it was downloaded rather than the add-on itself. In particular I'd be suspcious of the ani file vulnerability which recently formed the basis of a zero-day exploit against IE's rendering engine. All it would have taken was a bad banner ad and kapow. This bug isn't theoretical, it's being actively exploited. Or it might have been any of a legion of older ones, or a new one that's only been discovered so far by people who don't feel like telling MS about it. You're not completely safe using Firefox or Opera, but you're much better off.
Anyway, if someone knows they have had a keylogger installed, the machine is basically hosed. Losing some WoW goods is the least of the concerns at this point. Running rootkit revealer and every spyware program known to man MIGHT fix things, but honestly a full re-install of the operating system is the only way to be sure.
As an aside regarding the exploit: animated cursors in a web browser? Who the hell ever used this for anything other than this exploit? It's the constant adding these sorts of unwanted, useless "features" to stuff that causes so many problems. I know there's pressure to add features all the time, it's the nature of the beast. It's when the features themselves are useless crap that it really annoys me.
In this case, though, the problem might very well have come from visiting the site where it was downloaded rather than the add-on itself. In particular I'd be suspcious of the ani file vulnerability which recently formed the basis of a zero-day exploit against IE's rendering engine. All it would have taken was a bad banner ad and kapow. This bug isn't theoretical, it's being actively exploited. Or it might have been any of a legion of older ones, or a new one that's only been discovered so far by people who don't feel like telling MS about it. You're not completely safe using Firefox or Opera, but you're much better off.
Anyway, if someone knows they have had a keylogger installed, the machine is basically hosed. Losing some WoW goods is the least of the concerns at this point. Running rootkit revealer and every spyware program known to man MIGHT fix things, but honestly a full re-install of the operating system is the only way to be sure.
As an aside regarding the exploit: animated cursors in a web browser? Who the hell ever used this for anything other than this exploit? It's the constant adding these sorts of unwanted, useless "features" to stuff that causes so many problems. I know there's pressure to add features all the time, it's the nature of the beast. It's when the features themselves are useless crap that it really annoys me.
"Yog-Sothoth is the key to the gate, whereby the spheres meet. Man rules now where They ruled once, but after summer is winter, and after winter summer. They wait patient and potent, for here shall They reign again."
- Abdul Alhazred
Warcraft characters
Stormrage:
- Naphta, 70 Warlock, 350 goblin engineer
- Xinth, 60 Warrior
Terenas
- Nezeramontias, 33 priest
- Boulderan, 13 shaman
- Abdul Alhazred
Warcraft characters
Stormrage:
- Naphta, 70 Warlock, 350 goblin engineer
- Xinth, 60 Warrior
Terenas
- Nezeramontias, 33 priest
- Boulderan, 13 shaman