Silkroad Online Forums

Maybe you care, maybe you don't, I don't know...

But I thought something has to be up with SRO, so I sniffed the SRO packets and found SMB browsing packets right from their server and also I get Microsoft Messenger packets that contain ads for some registry cleaner... saying that it detected corruption and like 55 errors in my registry or some crap and to dl thier program.

I know for sure the SMB browse is from SRO, I can see the IP it's from and there's absolutely NO NEED WHATSOEVER for them to be looking at peoples file sharing network. I'm also 99.9999% sure that the MSN packets are tunnled from another server that pays for it because I only get them when SRO is running.

Edit:
I just discovered the spam isn't from SRO, though the SMB still is, the IP is the same so there's no mistake there.

I use Kaspersky as a virus detector and if you have it you'll know how amazing it is. The first time i used it it completly cleared my compy of all that bad stuff that macafee and Adware missed. Now kaspersky is very touchy about everything i do on my compy but it never fails that when im on SRO i'll get a message from Kaspersky detecting keyloggers. It happens when im in or out of a party as well as when alot of ppl and no one is around. So i can't blame random ppl and i can't say that its someone in my party so my only conclusion is that theres something in SRO that uses some type of keylogging program for whatever reason. weird huh?

Yes. I also think SRO isn't totally clean.
Sometimes my PC is just getting farked up by it. :/

jyro, are you running XP with SP2?

Windows Messenger Service is disabled by default with SP2. If you're getting Alerter messages you will want to disable that under Administrative Tools > Services > Messenger.

Also, surely you're running behind either a software and/or hardware firewall that blocks SMB requests? I am using the pfSense stateful firewall along with the freebie ZoneAlarm software firewall, and I've never seen SMB requests other than those on my LAN.

I don't know about you, but I HATE spyware with a passion.
This may be enough to make me quit, if I don't quit I surely won't be giving them my money.



Yeah, I have SP2 and a firewall.
The packets getting in aren't the problem, I'm just mad that they're even there to begin with.

It does have keyloggers, I saw a topic before that some guy downloaded ksro to sniff around in its packets so he could do stuff with isro. He said he found keyloggers and that irso must not be safe too.
But this one guy replied, and there was some reason for it.
It was so that they could detect if you were actually typing or not, so they could ban bots... I'm not sure if that was the reason, but don't worry, you're not gonna get hacked or anything.
As much as people hate to think, joymax is actually a good company, but there are some issues with their bosses and stuff which makes people not like them.

This stuff is just underhanded though... they could at least do it in the open, I don't like people who sneak around.

Almost all MMOs have some mechanism to kick people off the servers for inactivity. It's usually a timer between keypresses, mouse clicks, or mouse movements. If those events don't happen within a set period of time, then the user gets kicked.

It's amazing that SRO doesn't use this especially since a lot of people log in and just stand around without logging out because it can be so difficult to get back on.

As for a firewall that allows unsolicited external access on ports 137, 138, 139, and 445... well, that's just as good as not running a firewall at all. Be advised that a lot of malware can hook firewalls and antivirus programs to prevent their detection.

Yeah I have the ports blocked, I can still see the packets though...
But actually I don't believe the firewall is really blocking anything because firewalls on XP suck, but I can only hope.

Who cares? Keylogger or not, your account infomation will be sent to JM. Why do they care if they already had access to server database?

Yeah, I don't even care about the keylogger. It's the other spyware that ticks me off.

ROFL MD told me there is no spyware and to not spread rumors.
I can see the freaking packets and the ad that is in them!

If you can see the packets but have the ports blocked, then the ports are not being blocked. Period.

The firewall you are using is either compromised or has rules to allow traffic on those ports. Most likely it's compromised due to a malware hook or a rootkit.

Software firewalls other than XP's Windows Firewall on XP are OK, but the best protection is provided by a combination of software and hardware firewalls. I have pfSense running on an ancient 233MHz PII with 14 PCs on my home network and have no latency issues playing MMOs or FPS.

Regardless, get that computer off the internet until you can plug the hole.

Well most games now a days have adware in them that monitor what you do, but only are active while your playing...

Yeah normally I would, I'm just a bit annoyed is all.
This is just my XP partition, I don't really care what happens to it because I reinstall it all the time anyway... I have three other linux boots on this machine to use.

What else is Joymax going to do to you jyro besides already piss you off and send you to jsro.

I told u yesterday to stop being emo, girls dont find it attractive.

If they have anything it is standard and I trust it more then some bot program would be putting on my computer.

You probably don't even know what emo is, you just want to try and make me mad. Getting ticked off is not emo, it's called being human.

I'm allowed to blow off steam as long as I don't break the rules and it obviously bothers you more than you bother me.

yeah... okay, ty for the info i guess, but no need to alarm ppl who don know anything about computers

PPL WHO DONT SPEAK COMP.:

just get a good firewall and scan ur comp regularly

my old comp got farked up when i played sro to much a day. I got soem weird error saying that additional oftware may have cause it. So i uninsttalled it from old comp and have never had the prob since.