Silkroad Online Forums

A community forum for the free online game Silkroad Online. Discuss Silkroad Online, read up on guides, and build your character and skills.

Faq Search Members Chat  Register Profile Login

All times are UTC




Post new topic Reply to topic  [ 26 posts ] 
Author Message
 Post subject: Installed Ksro but it installed a keylogger wtf
PostPosted: Fri Apr 27, 2007 10:54 am 
Frequent Member
User avatar
Offline

Joined: Oct 2006
Posts: 1078
Location: Somewhere Fun
Ok i downloaded ksro from the official website installed it. It did a 5 second update but when i clicked start my zone alarm blocked a keylogger program called kdfmgr.exe.

I was like wtf so i uninstalled it and reinstalled it into a new directory and found that it installed these files into that directory too.

Now im pissed thinking ksro had a keylogger into the installation file, just to double check i downloaded on another computer which never had sro or ksro or any game installed on it before and the same thing happened.

WTF is going on did KSRO get hacked and someone modified the installation file.

i downloaded SilkroadOnline_v2.03.exe yesterday the latest verstion from the official site, http://kr.silkroad.yahoo.com/dataroom/download.asp

My isro copy is still runing fine can someone test it out for me and see if your geting the same shit.

_________________
Playing GW1 Rarely
Image


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 10:58 am 
Hi, I'm New Here
Offline

Joined: Apr 2007
Posts: 19
perhaps u got it when u download somekind of hack/bot on normal sro :)


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 11:02 am 
Frequent Member
User avatar
Offline

Joined: Oct 2006
Posts: 1078
Location: Somewhere Fun
owning_since_1981 wrote:
perhaps u got it when u download somekind of hack/bot on normal sro :)


eh no never downloaded or visted anything like that

_________________
Playing GW1 Rarely
Image


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 11:04 am 
Regular Member
User avatar
Offline

Joined: Jun 2006
Posts: 252
Location: Australia
Is zone alarm just being strange? Is there a way to check that that file actually is a keylogger?

_________________
IGN: Kaigar - Retired

Until the day that the silkroad is all covered with lag...


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 11:04 am 
Casual Member
User avatar
Offline

Joined: Apr 2007
Posts: 71
Location:
Greece
Ahhh, ur one happened in ksro, my one was in isro ingame, my kaspersky anti vrius reported a keylogger, I clicked terminate and it closed my sro, i think its a bug


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 11:06 am 
Ex-Staff
User avatar
Offline

Joined: Sep 2006
Posts: 5245
Location:
Off Topic
http://virusscan.jotti.org/

Upload it there, see what it says.

_________________
Ooh, I got a sexy ex-staff title!


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 11:06 am 
Common Member
User avatar
Offline

Joined: Apr 2007
Posts: 117
Location:
Sparta
My suggestion:

Find the kdfmgr.exe, zip it up, and send it to http://www.virustotal.com/en/indexf.html.

This link shows it to be a Lineage 2 password stealer/keylogger, but it's best to be sure.


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 11:08 am 
Forum God
User avatar
Offline

Joined: Aug 2006
Posts: 8834
Location: Age of Wushu
http://www.virustotal.com/en/indexf.html

_________________
Playing Age of Wushu, dota IMBA


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 11:10 am 
Forum God
User avatar
Offline

Joined: Aug 2006
Posts: 8834
Location: Age of Wushu
http://www.virustotal.com/en/indexf.html

_________________
Playing Age of Wushu, dota IMBA


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 11:17 am 
Frequent Member
User avatar
Offline

Joined: Oct 2006
Posts: 1078
Location: Somewhere Fun
If someone can download the new installer from ksro and check it out for me please.

My ISRO is working fine no problems with it its only ksro installation with the new installer the old installer worked fine.

----

EDIT

HELP SOME DOWNLOAD THE NEW INSTALLER PLSSSS LET ME KNOW IF ITS CURRUPTED :banghead: :banghead: :banghead: :banghead: :banghead:

_________________
Playing GW1 Rarely
Image


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 4:34 pm 
Advanced Member
User avatar
Offline

Joined: Mar 2007
Posts: 2094
Location:
Off Topic
Quote:
jackietang33
Posted: Fri Apr 27, 2007 11:04 am Post subject:
Ahhh, ur one happened in ksro, my one was in isro ingame, my kaspersky anti vrius reported a keylogger, I clicked terminate and it closed my sro, i think its a bug


same thing happened to me...I was like wtf Isilkroad keylogger...the isro download i have was from like 2006...I really hope its just a bug...cause when i do a normal scan (also uses kaspersky anti virus) it doesn't say any thing but if i start isro it warms me of keylogger I'll post screenshot later if I have time. To feel safe I'll scan it again.


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 4:42 pm 
Banned User
Offline

Joined: Jun 2006
Posts: 4143
Location:
Babel
Some Virus scanners go off for no reason
when i was with project raptor (CNC General zero hour mod) Nortan anti virus would detect a worm within its programming of corse there was nothing like that in there but nortan was the only virus scanner that detcted it

Zone Alarm most be doing the excat same thing except with KSRO

i would try the file Axeoo but i CBA atm
anyways hope ur having fun on Xian

Grtz Van

_________________
<<banned from SRF for bot admission. -SG>>


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 4:54 pm 
Common Member
User avatar
Offline

Joined: Mar 2006
Posts: 186
Location: Xian Retiree / Aion[NA] : Zikel Retiree
Dropper/KorGameHack.20336

Summary

Dropper/KorGameHack.20336 is a dropper creating trojan horse that steals the user account information of a specific online game. When the dropper is executed, it creates kdfmgr.exe (14,848 bytes) , vdete.exe (20,336 bytes) in the Windows system folder. which is the trojan stealing the user's key strokes and sending to a specific email address.


weirdddddddd ehhhh?

_________________
Image


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 4:56 pm 
Banned User
User avatar
Offline

Joined: Jan 2007
Posts: 4383
Location:
Off Topic
Most of the time it will say characteristics of a keylogger. Doesnt mean it is actually one but never can be too sure. To the person who said something about getting it from bots/hacks lol SRO isnt the only way to get keyloggers

_________________
------------------------------


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 5:55 pm 
Valued Member
User avatar
Offline

Joined: Mar 2006
Posts: 414
Location:
Xian
its not a keylogger o.o
its something called kdefense
check ur ksro folder

_________________
Image
Image
http://img116.imageshack.us/img116/407/sawasig02nc2.jpg
waiting for euro


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 6:52 pm 
Banned User
User avatar
Offline

Joined: Feb 2007
Posts: 1428
Location:
Aege
Yes get ready for it in isro too soon.
It's a keylogger well actually something that monitors keyboard directly.
It is an extension or replacement for gameguard.

U can see the small icon in the taskbar if u alt-tab out.

ps.: By the way gameguard is a rootkit too, it is always active deep in the os
at every boot, the .sys is loaded and it's in the windows dir.


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 7:24 pm 
Valued Member
User avatar
Offline

Joined: Mar 2006
Posts: 414
Location:
Xian
hmm
http://findarticles.com/p/articles/mi_q ... _n12920713
http://www.kings.co.kr/HTTP/products/products01_01.php
:shock:

_________________
Image
Image
http://img116.imageshack.us/img116/407/sawasig02nc2.jpg
waiting for euro


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 7:37 pm 
Banned User
User avatar
Offline

Joined: Jan 2007
Posts: 6588
Location: Oo Some where i dont know!!
Note: Some of reported threats might be legitimate but in most cases they are dangerous.

Threat name Win32.X
Filename [System32Root]\kdfmgr.exe
Filesize Unknown
Status Known to RemoveIT Pro as dangerous.


oh shit :wink:

_________________
mwahahahahaha !!


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 8:25 pm 
Valued Member
User avatar
Offline

Joined: Oct 2006
Posts: 467
Location:
Venus
kdfmgr.exe is part of a Korean program called Kdefense. If you google it you get sites that tell you it's a keylogger well it's not. It's a false positive disregard it and just play your ksro.

_________________
Euro- Mob baller * 1hand
ign: IAmZeeDevil
Guild:-=Avalon=-
gonna miss you all but I've officially quit silkroad :)
Current Projects
Comprehensive European Party Guide - -15% done
(currently setback)
Warrior Guide - -45% done
(working hard)


Last edited by GodsAngel on Fri Apr 27, 2007 8:42 pm, edited 1 time in total.

Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 8:36 pm 
Senior Member
User avatar
Offline

Joined: Mar 2007
Posts: 4490
Location:
Pacific
That's not the official one.

Official is v. 1.468 I think...

They changed it for whatever reason, because I remember I originally downloaded v 2.something.

Anyways. Yup.


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 8:47 pm 
Banned User
User avatar
Offline

Joined: Feb 2007
Posts: 1428
Location:
Aege
Search only on korean sites, it's not used in any english game yet.
K-Defense : http://www.ewithus.co.kr/3_5_1.htm


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 9:04 pm 
Banned User
User avatar
Offline

Joined: Jan 2007
Posts: 6588
Location: Oo Some where i dont know!!
GodsAngel wrote:
kdfmgr.exe is part of a Korean program called Kdefense. If you google it you get sites that tell you it's a keylogger well it's not. It's a false positive disregard it and just play your ksro.


@ Axeoo7 Yea If you download on theirs real homepage I dont think Is a kelogger, But sometimes can spyware/antivirus think is a kelogger or whatever.But when you download this on other site so never now what can be on it..

_________________
mwahahahahaha !!


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 9:56 pm 
Frequent Member
User avatar
Offline

Joined: Oct 2006
Posts: 1078
Location: Somewhere Fun
Im so confused because their were files called kdefence or something and the icon had kd anyway not sure now what it is but im not gonna mess with ksro anymore till i find out.

That site that was given the upload never worked and ive deleted the installation file and folder so im not going back to ksro ever again.

_________________
Playing GW1 Rarely
Image


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 27, 2007 10:33 pm 
Hi, I'm New Here
Offline

Joined: Dec 2006
Posts: 18
Axeoo7 wrote:
Im so confused because their were files called kdefence or something and the icon had kd anyway not sure now what it is but im not gonna mess with ksro anymore till i find out.

That site that was given the upload never worked and ive deleted the installation file and folder so im not going back to ksro ever again.


Lol man,Its just part of the new security system they have,kdfmgr.exe its just a program that dont let foreign ppl write pass and login,if you try write them,you will just get some wierd letters like s~~รง~.so dont worry its just part of the new security update they got,when the game start just ctrl alt del go to Processes,look for kdfmgr.exe and End task,simples as that,just play your ksro and be happy,ITS NOT A KEYLOGGER,its part of ksro now.

Cya


Top
 Profile  
 
 Post subject:
PostPosted: Sat Apr 28, 2007 1:49 am 
Frequent Member
Offline

Joined: Jun 2006
Posts: 1104
Axe it aint a keylogger, I am a programmer and I can tell you for a fact it isnt a keylogger, it is infact part of an intergrated system to stop people who are non-korean from playing KSRO, once you edit the game files to set to english you should be good to go. (btw its me Memphist :D)

_________________
<<banned from SRF for rules violations. -SG>>


Top
 Profile  
 
 Post subject:
PostPosted: Sat Apr 28, 2007 2:16 am 
Banned User
User avatar
Offline

Joined: Feb 2007
Posts: 1428
Location:
Aege
^^ got any way to switch language settings on the keyboard like
it could be done before k-def.

Used to switch alt+shift+(number) from english>korean>japanese>...
Used applocale to display ingame text korean in english setup xp.

k-def screwed it up.

Now game is set to english in pk2, and found no way to type korean anymore.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 26 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group