Not being an expert, but i see people talk about Phishing or Keylogger but i just want to add one more thing people must be advised. NEVER register in any site with the mail/password that you use in important things. Get a different mail/password to access forums and one very trusty to use in you important stuff. Not saying this is the case in this forum, but sometime people access untrusted places, and in the case of selling gold i bet most of us did.
Should I be scared for using HB now and Kick + Cava's profiles and some few other plugin's thats released by some ppl thats known here? :x
What would be your logical answer? Of course you should continue to use these trusted profiles! Just think what would happen if they decided to curse their own profiles.
Lol. How should I know they're trusted? I mean like it's easy to bind a rat /keylogger to the files you make.
Makes me laugh, i bet you, your bot sent the gold to someone or didnt something with it if you are going to download a profile make sure you read it and watch in in action for at least 1 hour so you know what its up to and see what it does when your bags full, when it need a material to level a profession probably goes to the AH and buy's it for a ridicules amount of gold cause you have set any settings. You hacked your self Sorry dude
Let me clear up some glaringly obvious misconceptions people appear have. 1. You were hacked, plain and simple! 2. It is not Honorbuddy. HB is virus free and malware free. 3. It was not a profile. 4. It was not a Combat Routine. 5. There was no malicious code in any SVN you downloaded from. 6. Antivirus software is NOT 100% perfect. Now allow me to elaborate on the above points. If Honorbuddy contained a virus or malware then this would have happened to every member of this community and HB would have been shutdown a very long time ago. Questing or grinding profiles are not capable of performing the necessary steps to required facilitate the creation of new characters & transfer gold. The same applies to Combat Routines, while combat routines can be very complex and at times downright smart they do not function in such a way that would allow for this to happen. You didn't download anything from a SVN. While it is possible for the author to change their code and include something malicious if this were the case we would have received the same report from thousands of other users. Antivirus software does not guarantee you will not receive a virus, it greatly reduces the chance of it happening but it is no guarantee. I see no mention of a Blizzard Authenticator in your post, and while this is also no guarantee you will not be hacked it also greatly reduces the chance of it happening. I personally have been hacked on accounts where an authenticator was being used. The behavior you described is indicative of large scale "gold hackers". They create a level 1 character, send all your gold to it and transfer it off with a "face to face" trade. LD,DR: You were hacked. Plain and simple. Where to from here? 1. It is highly unlikely this happened on your computer, regardless of Blizzard's reply. Send an in-game ticket - again if needs be. 2. Browse to Bleeping Computer - Technical Support and Computer Help and download the following tools; they are my "go to" virus removal tools and fixes * ComboFix * MalwareBytes * RootkitRevealer CAVET: These tools are very powerful and all documentation should be read before proceeding. I take no responsibility for any unexpected issues arising from the misuse or uneducated use of these applications. I have used these tools for many years and consider them safe and secure. Though, improper or uneducated use can result in compounding problems arising from existing issues. E.g Removing a rootkit can result in the loss of network connectivity. 3. Change your password for email, WoW and any other service you might share these details with. Do not use the same password for multiple services.
Well first of all i have allrdy been speaking to everything that supportable in wow, and they all say the same that its been sent from my own ip! Now as ive said before, nobody has access to my gaming room, and i havent even had any guest visiting me here for over 2 months now, and for those who live here which is my wife and 2 year old son, they dont have any clue whatsoever about WoW and how to play it! Ive used kaspersky to detect viruses but there is nothing, now either there is a bad file in my HB that does this or its a freaking AWESOME chinese trojan thats undetectable and can give the owner full access to my pc to hack me from here since it wud be dont through my own IP! Belive it or not but this is the case. And for the LOLS now, lololol, as i made tickets to Blizzard complaining about theyre not helping me on my issue i was botting like dumb sheep, so when they do chech me and my ip up they see me botting, and now dont ask me why, but they just sent me an e-mail saying that they were investigating my issue when they saw my character using 3rd party software! And the best thing is they didnt ban or suspend me, they didnt even dissconnect me, they let my bot continue and gave me an warning lol!!! Regards PS. i have dropped this now, i wont ever get my gold back and will never know which file is bad either! If it happens again im going to remove HB and WoW again since i wont borrow money again for farming!
And now after i Installed all the 3 programs u suggested and scanned with MalwareBytes the results were following: Malwarebytes Anti-Malware (Testversion) 1.65.1.1000 Malwarebytes : Free anti-malware download Databasversion: v2012.12.06.04 Windows 7 x86 NTFS Internet Explorer 8.0.7600.16385 Rayan :: RAYAN-DATOR [administrat?r] Skydd: Aktiverad 2012-12-06 12:31:19 mbam-log-2012-12-06 (12-31-19).txt Skanningstyp: Fullst?ndig skanning (C:\|) Aktiverade skanningsalternativ: Minne | Start | Register | Filsystem | Heuristik/Extra | Heuristik/Shuriken | PUP | PUM Inaktiverade skanningsalternativ: P2P Antal skannade objekt: 350638 F?rfluten tid: 27 minut(er), 7 sekund(er) Uppt?ckta minnesprocesser: 0 (Inga skadliga poster hittades) Uppt?ckta minnesmoduler: 0 (Inga skadliga poster hittades) Uppt?ckta registernycklar: 0 (Inga skadliga poster hittades) Uppt?ckta registerv?rden: 0 (Inga skadliga poster hittades) Uppt?ckta registerdataposter: 0 (Inga skadliga poster hittades) Uppt?ckta mappar: 0 (Inga skadliga poster hittades) Uppt?ckta filer: 0 (Inga skadliga poster hittades) (klar)
Did you ever respond to what profiles you used? where you got them? and what SVN?s you use if any. if you have the profiles here add them so someone can check them, .xml profiles can?t run scripts outside wow, but anything with .bat .exe don?t upload.
