What's new
By:
  • Visit Rebornbuddy
  • Visit Panda Profiles
  • Visit LLamamMagic
  • Visit Resources
  • Visit Downloads
  • Visit Portal
RebornBuddy Forums

Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

Stolen account and emptied guild bank

NoScript + HijackThis + Rootkit Revealer is all you need.
 
I've been the guild officer and/or leader of no less than 3 full time raiding guilds in the last 5 years and I've seen just about every excuse, reason, lie that I can think of as to why someone's account got hacked/exploited.

It always comes down to the reasons I stated and there is no trust between even the closest people when it comes to this game. All it takes is one action to piss someone
 
I use Kaspersky retail which is the top rated anti virus and catches more than anything. I have a suspicion what happened at this point. I am still going to list my plugins. The account was logged in on the computer my son games on one time several weeks back with HB. He uses it to game on Steam and downloads a lot of apps for that and goes to hint/cheat sites. Good candidate for where it happened. Installing Kaspersky and scanning that machine as I write this.

Plugins:

Autoequip
eprofilecreator
ebored
ebuy
esafe
etalent
etrain
tidybag


I hope everyone understands that I was looking for help where it might be or how the apps here might have been compromised since they are all I have ran with WoW. I feel the developers are quite trustworthy or I never would have sprung for a lifetime subscription. =)
 
sumdumguy said:
I use Kaspersky retail which is the top rated anti virus and catches more than anything. I have a suspicion what happened at this point. I am still going to list my plugins. The account was logged in on the computer my son games on one time several weeks back with HB. He uses it to game on Steam and downloads a lot of apps for that and goes to hint/cheat sites. Good candidate for where it happened. Installing Kaspersky and scanning that machine as I write this.

Plugins:

Autoequip
eprofilecreator
ebored
ebuy
esafe
etalent
etrain
tidybag


I hope everyone understands that I was looking for help where it might be or how the apps here might have been compromised since they are all I have ran with WoW. I feel the developers are quite trustworthy or I never would have sprung for a lifetime subscription. =)
Click to expand...

Like ski said, HijackThis is worth running to see what processes are having themselves loaded, and to see what tries to piggy-back on your browser. Run it in safe mode for best results with removal of questionable items. The folks on the Microtrend forum love looking at HijackThis logs.
 
donnamonna said:
Like ski said, HijackThis is worth running to see what processes are having themselves loaded, and to see what tries to piggy-back on your browser. Run it in safe mode for best results with removal of questionable items. The folks on the Microtrend forum love looking at HijackThis logs.
Click to expand...

Hell I'll even take a look at his log if he wants to post it or PM me it.
 
It's highly likely you were phished.

Have you followed any websites linked in whispers, email etc, lately?
 
Sorry, but not all Anti-Viruses detect hacks. A lot of hacks, I have noticed, take home in the 'temp' folder, and are compiled to an .exe over time.. So, open Task Manager daily and look for suspicious processes, right click and 'Open Location'.. If it doesn't sound noticable at all, or isn't in system32, it may be a virus.
 
Finally got my account cleared by Blizz and most of my stuff back.

Am posting my HJT log in hopes that someone will be able to tell me if there is a keylogger or anything i nthere which might cause my system to be compromised again.

I've run full scans using Trendmicro's online AV/malware scanner, Ad-Aware, AVG and Spybot. Nothing has come up except for some tracking cookies which I've since deleted.

Thanks in advance for any help, Hoping to get back to botting tonight.
 

Attachments

Last edited:
Tagmnky said:
It's highly likely you were phished.

Have you followed any websites linked in whispers, email etc, lately?
Click to expand...

No but I do ROFL at all the spoofs they throw out about "Free mount" "You have been caught botting, please go to page blah blah to avoid account suspension".
 
Ran the items you recommended, nothing found so still a mystery. The good news is the account was fully restored and every single item was returned for guild bank. Much better service than they gave over the last couple of years.
 
Good to hear, when my account was hacked (this was a long time ago) they also restored everything that was stolen/deleted.

They've done a complete u-turn in the customer support department imo, well the Europe division anyhow.
 
You must log in or register to reply here.
Back
Top