I have a keylog problem


Mysticknight
10-09-2006, 05:59 AM
I logged on my account about an hour ago (it is 10:57 central US time) and my toons were naked... :\

So.... I don't even know where to start...

I tried using ZA to find the keylog right after using a scan and only caught 1 tracking cookie, and a tracking cookie wouldn't hack me...

I don't know what to do... what do I do to keep more being done to my account... and more importantly how do I find the keylog/trojan?

OverKill
10-09-2006, 06:17 AM
Use every virus finder and spyware killer known to man and you might find it.

Mysticknight
10-09-2006, 06:33 AM
this doesn't help any... I only have ZA for this...

OverKill
10-09-2006, 06:52 AM
There's like a million free ones out there like Spybot Search and Destroy. Download and scan. lol

Suicider
10-09-2006, 12:18 PM
http://www.majorgeeks.com/ has a lot of useful anti-spyware stuff... Most of it is free too :-) Try using those. DON'T play more until you've gotten rid of whatever "stole" your stuff, otherwise you'll lose it again, when you've gained new. Once it's gone change your pass immediately, since if he realizes that you've found out what's happened he might steal your account, not only your money. And that'd really suck. :undecided:

Herne
10-09-2006, 12:59 PM
ZA Anti-virus is a bit flaky. You'd be better with AVG which is smaller and faster, and updated more often, and removes viruses better.

Anyway for Spyware download and install both Spybot [Spybot Search & Destroy (http://www.safer-networking.org)] and Ad-Aware [Ad-Aware SE (http://www.lavasoft.de)]. Careful when Googling for them as spyware bastards have made very similarly named programs and domains.

Run and update both programs, but don't scan.
Disconnect from Internet.
Reboot in Safe Mode.
Run both programs, Ad-Aware, then Spybot in ALL ACCOUNTS on the machine. Remove everything they find.
Restart in normal mode, job done.


If they don't find the keylogger you need to download, install, update and run AVG Free. [NEVER use two anti-virus progs at once, you'll need to uninstall any present AV software.] AVG will work in normal and safe mode and removes viruses from anywhere including the system restore folder.

Mysticknight
10-09-2006, 06:31 PM
ZA Anti-virus is a bit flaky. You'd be better with AVG which is smaller and faster, and updated more often, and removes viruses better.

Anyway for Spyware download and install both Spybot [Spybot Search & Destroy (http://www.safer-networking.org)] and Ad-Aware [Ad-Aware SE (http://www.lavasoft.de)]. Careful when Googling for them as spyware bastards have made very similarly named programs and domains.

Run and update both programs, but don't scan.
Disconnect from Internet.
Reboot in Safe Mode.
Run both programs, Ad-Aware, then Spybot in ALL ACCOUNTS on the machine. Remove everything they find.
Restart in normal mode, job done.


If they don't find the keylogger you need to download, install, update and run AVG Free. [NEVER use two anti-virus progs at once, you'll need to uninstall any present AV software.] AVG will work in normal and safe mode and removes viruses from anywhere including the system restore folder.


This helped a LOT, and even better I think it worked.... It did kill a trojan...

meh... And if I didn't get it.. I'll find out....

Mysticknight
10-09-2006, 06:37 PM
http://www.majorgeeks.com/ has a lot of useful anti-spyware stuff... Most of it is free too :-) Try using those. DON'T play more until you've gotten rid of whatever "stole" your stuff, otherwise you'll lose it again, when you've gained new. Once it's gone change your pass immediately, since if he realizes that you've found out what's happened he might steal your account, not only your money. And that'd really suck. :undecided:

Hah, thanks for the advice... I was considering switching to the server that all meh friends are on anyways... Oh well... this just makes it more of a pain.

Baal
10-09-2006, 06:49 PM
It's starting to scare me how freakin' unsecure these websites are, and how easy it is to install keyloggers on people's computers...

oper
11-09-2006, 01:36 AM
stop using software from microsoft - I don't have an anti virus program, or any of that fancy **** - but just to be sure I install one about every 3rd month, and I'm always clean, except for one or two suspicious cookies.

Blaizze
11-09-2006, 02:10 AM
Get Avast! free antivirus. Best free one I have found.
Zone alarm is **** stay well away..never even consider Norton. Ever.

Get Free...

Adaware anti spyware
Ewido anti spyware
Spybot Search and Destroy anti spyware

Sorted

Mysticknight
11-09-2006, 02:20 AM
stop using software from microsoft - I don't have an anti virus program, or any of that fancy **** - but just to be sure I install one about every 3rd month, and I'm always clean, except for one or two suspicious cookies.

This is just extreme... We can't all get brand new computers.

Baal
11-09-2006, 02:34 AM
This is just extreme... We can't all get brand new computers.

And we don't all have the time to learn different Operating Systems and what not.

oper
11-09-2006, 03:48 AM
This is just extreme... We can't all get brand new computers.

format your computer once a year - voila, you've got a "brand new" computer

Morail
11-09-2006, 04:17 AM
I use NOD32 virus scan it works great. Another thing that reassured me since this keylogger outbreak is that I use "remember account name" so I don't type that in every time I play just the pass.. Not sure how they function but all they get is the password they can't do much with that. Or maybe it works some other way not sure.

alphx
11-09-2006, 06:35 AM
Please, allow me to make one suggestion to you if you haven't already:
Change your account password.

Just as an added precaution, make sure that you're doing it on a friend's computer you know is clean or have verified your own system is infestation-free beforehand.

On the subject of virus scanners, you might actually be smart to steer clear of the most popular packages such as Norton or McAfee, as it's these that most virus writers and malware authors test their code against before releasing these viruses into the wild.

You're better off looking for those "2nd tier" semi-popular packages that still have solid work done on their definition updates and detection routines however might not be a household name. I'd recommend doing a little research into this, it could pay you some real dividends down the road ^_^

I guess all else I can suggest is keeping Adaware and Spybot up to date, making sure your Internet Explorer security settings are turned up high or looking at another browser. I won't jump on the security nut and proclaim "Download Firefox!!" (That's got its own vulnerabilities too, however it could be said they do a better job of fixing them quickly) However you might want to give another web browser a try. Again, do your homework and pick a recommended one.

Lastly, I'd certainly second an earlier poster's advice: A yearly reformat can do wonders for your system. I'd also say sometimes depending on the level of malware infestation, sometimes a clean slate is a better idea in the end than potentially leaving something nasty lying in the background. If you're not so comfortable doing this yourself, ask a tech-savvy friend for help.

So to sum up I guess:

Make sure you've changed your password since the theft
Go for a well respected but perhaps not "Top 3" antivirus program and keep it updated
Make sure to keep those anti-spyware programs updated. At least one of these is always a good complement for a firewall package and anti-virus program
Keep an eye on the security settings of your browser, and don't be afraid to look into alternatives.
If it's gotten too bad, just reformat and start over. No harm done.


As an added note let me say I once had my characters' gear vendored by a family member in a bad mood when I went AFK to run a quick job once, and restoration wasn't a problem for me. GMs were quite helpful at each step in the process.

Everything said, good luck getting your gear back ;-)

Mysticknight
11-09-2006, 04:55 PM
Please, allow me to make one suggestion to you if you haven't already:
Change your account password.
Done...
I guess all else I can suggest is keeping Adaware and Spybot up to date, making sure your Internet Explorer security settings are turned up high or looking at another browser. I won't jump on the security nut and proclaim "Download Firefox!!" (That's got its own vulnerabilities too, however it could be said they do a better job of fixing them quickly) However you might want to give another web browser a try. Again, do your homework and pick a recommended one.
yw guess what i downloaded :p

As an added note let me say I once had my characters' gear vendored by a family member in a bad mood when I went AFK to run a quick job once, and restoration wasn't a problem for me. GMs were quite helpful at each step in the process.

Everything said, good luck getting your gear back ;-)

Got that back too.... took a day....

meh, well, should be mostly fine now...

I hope *knocks on wood*...

Dynatos
11-09-2006, 05:37 PM
this doesn't help any... I only have ZA for this...

That almost made me cry. In my opinion, a virus scanner is much more important than a firewall (I'd run both, though). Not to have one while running Windows in today's internet world is ... not the brightest thing.

MellanCholera
11-09-2006, 07:36 PM
Not using IE is not a solution. Someone on my realm's forums uses firefox and he got a keylogger virus. As other browsers become more popular, more ads and viruses will target them too. Heck, my firefox can barely block ads anymore.

It's like an arms race. you need a firewall, and antivirus software, and keep them updated every week. and scan once a week. run microsoft update every week to be sure you have the latest patches (or whatever OS) etc. if you fall behind, you will eventually fall victim.

Norton Ghost is nice too, you can backup your whole hard drive to another hard drive, so if something goes irreparably wrong, you have a clean system backup, just pop the other hard drive in, and reformat the corrupted one. But that's if you have the discretionary income. it's easier than re-installing everything, as the poster above advised ;) But it requires managing your directories so you can copy out any files you need to keep to a network drive or other drive.

i'm just glad i have 2 computers, the computer I use for browsing and work, and the game and tv recording computer. that helps, a lot fewer viruses when you simply don't use the internet or email on the computer!

mesonm
11-09-2006, 07:41 PM
It's starting to scare me how freakin' unsecure these websites are, and how easy it is to install keyloggers on people's computers...

It's scary that there are so many people without basic internet protections installed on their comps...

Dudes, get your computer protection, at least...

rgirty
11-09-2006, 08:09 PM
Not viable for most folks but I have it setup in this manner.

2 notebooks
2 wow machines

1 notebook runs vent and is basically a media center.
1 notebook I use to read forums, lookup quest info and general internet usage

2 wow machines, they play wow and that is all.

Wasabee
12-09-2006, 12:40 AM
Buy a Mac!

Timmyraciti
12-09-2006, 01:16 AM
You should always keep a firewall on your computer because it stops bugs/viruses getting on. Remember, always keep your firewall up to date

derfeh
12-09-2006, 02:19 PM
Not using IE is not a solution. Someone on my realm's forums uses firefox and he got a keylogger virus. As other browsers become more popular, more ads and viruses will target them too. Heck, my firefox can barely block ads anymore.


Adblock Filterset.G + NoScript == No ads, unless you want them(like here)

Lattyho
12-09-2006, 04:29 PM
I logged in a couple of days ago to notice nearly all my characters had been replaced with random named level 1s and that my Priest is now naked and all his epics are gone (my rogue was untouched). I sent an email to Blizzard hoping that they could restore them.... so what did Blizzard do? They locked my account and told me I have to go to a "Notary Public" (fancy lawyer) and get my ID authenticated and send some crap forms to the US. ..................... Thanks a lot Blizzard
This may be the end of me playing wow, I'm pretty pissed off at Blizzard.

I have AVG installed and up to date and ewido running (both are always running).
Did scans when I realised what was happening and they both didn't find anything.

The most annoying thing is that Blizzard have now locked me out of my account and I have to go through a lot of crap to get it back =(

Omikron8
12-09-2006, 04:48 PM
Fax in the account retrieval form and a photocopy of your ID

blizzard should then give you access to your account again after giving you a new temp password

of course getting rid of all trojans/keyloggers is necessary before accessing your account again

then blizzard supposedly conducts the "investigation" into item/character restoration

TheKurgan
12-09-2006, 05:27 PM
I logged in a couple of days ago to notice nearly all my characters had been replaced with random named level 1s and that my Priest is now naked and all his epics are gone (my rogue was untouched). I sent an email to Blizzard hoping that they could restore them.... so what did Blizzard do? They locked my account and told me I have to go to a "Notary Public" (fancy lawyer) and get my ID authenticated and send some crap forms to the US. ..................... Thanks a lot Blizzard
This may be the end of me playing wow, I'm pretty pissed off at Blizzard.

I have AVG installed and up to date and ewido running (both are always running).
Did scans when I realised what was happening and they both didn't find anything.

The most annoying thing is that Blizzard have now locked me out of my account and I have to go through a lot of crap to get it back =(

Ouch! I would've thought the service would be better. Where are you located?

Lattyho
12-09-2006, 08:31 PM
I live in Australia.

Omikron8: I wish it was just faxing in the form and ID but you have to go to a lawyer and get your ID authenticated

katlyn
12-09-2006, 08:38 PM
I logged in a couple of days ago to notice nearly all my characters had been replaced with random named level 1s and that my Priest is now naked and all his epics are gone (my rogue was untouched). I sent an email to Blizzard hoping that they could restore them.... so what did Blizzard do? They locked my account and told me I have to go to a "Notary Public" (fancy lawyer) and get my ID authenticated and send some crap forms to the US. ..................... Thanks a lot Blizzard
This may be the end of me playing wow, I'm pretty pissed off at Blizzard.

I have AVG installed and up to date and ewido running (both are always running).
Did scans when I realised what was happening and they both didn't find anything.

The most annoying thing is that Blizzard have now locked me out of my account and I have to go through a lot of crap to get it back =(

A "Notary Public" is not a lawyer--their purpose is basically to authorize signatures as valid, and you can usually find one in any bank or, in some cases, a grocery store in the United States. They do not (and can not) charge a fee in most countries. I’m not sure where you are from, but it sounds like they are simply trying to verify your identity.

Baboon
12-09-2006, 09:15 PM
And we don't all have the time to learn different Operating Systems and what not.

Firefox solves most problems. Saying people should use Linux is a bit geek. I tried it often, most things work fine, but games is kinda hardcore.

At work IE often scares me with all the Do you want to Install this popups ;)

Lattyho
12-09-2006, 09:27 PM
A "Notary Public" is not a lawyer--their purpose is basically to authorize signatures as valid, and you can usually find one in any bank or, in some cases, a grocery store in the United States. They do not (and can not) charge a fee in most countries. I’m not sure where you are from, but it sounds like they are simply trying to verify your identity.

Quotes from wiki
"Virtually all Australian notaries are lawyers of several years standing at least but very few lawyers are also notaries"
...
"Therefore a US notary resembles an Australian JP rather than an Australian notary."

JP is Justice of the Peace I think. I remember reading somewhere that JPs cannot authenticate documents for use overseas.

EDIT: Oh here it is
" Australian jurisdictions also have Justices of the Peace (JP) or Commissioners for Affidavits who can witness affidavits or statutory declarations and certify documents. However they can only do so if the relevant affidavit, statutory declaration or copy document is to be used only in Australia rather than in a foreign country, with the possible exception of a few Commonwealth countries not including the United Kingdom or New Zealand except for very limited purposes."

Lattyho
13-09-2006, 05:10 PM
errr
Bumpalump