Hacked w/ authenticator on account

[mikekim]

Well they are legit. I copied the shortcut and put it into notepad to see what it was, they go to battle.net/us and they are asking me to confirm a password reset by email (Like I forgot the password)

BTW, thanks to the OP for posting up the tip about getting malware bytes and launching wow and then scanning.. probably a pretty invaluable tip.

Blizzard will never ask you to confirm your password... why would they have to?? they have access to the database that it is stored in

[DLoweinc]

The email I received asked me to confirm whether or not I requested a password reset via email like I had forgotten it.

When I did go onto battle.net and change my password they did send me an email confirming that I made an account change.

Unfortunately both emails have been removed from my email trash by now so I can't post them.

EDIT: I thought I had the original from blizzard but it was only one of the spam ones I get every day.

[crowdx]

When I got hacked I believe they tracked my IP address to my machine and backdoored into the machine. The only way I got clear after a week of resets was to power down the modem for about 15 minutes so that it repulled a new IP address. At the same time I logged into a machine at work and setup a new email address that is only used for WoW. Both these precautions were what it took to get clear.
remember if they had a keylogger on your machine they may also have your email info and even the answer to blizz challenge questions. You need to chage "everything" on your WoW accounts from a secure machine and then nuke the OS on the two machines you are using WoW on, then with a fresh install install a good internet security app which has virus scan and a firewall. Once those have been installed then install WoW and all other apps.
As for User Account Control in Windows Vista / 7 , I always have it enabled and so it seems useless for these type of hacks due to the level they get installed at ( I presume they have the apps sit in memory until the machine is restarted and then install on bootup before UAC service starts.)
The other point I would make is to reset all bank account passwords etc that may have been accessed on these machines, remember these hackers are not just after WoW, they use stolen credit card info to transfer toons also, so protect real world info too.