Ok so logged in and your character is naked on another server and you have no golds or there is a random authenticator on there. If the guy who stole your crap is a jerk you probably have no hearthstone and you're falling indefinitely. It's not the end of the world.
Here is the official Blizzard too long didn't read version on what to do: »us.blizzard.com/support/article.···Id=30796
Anyhow there are two parts.
1. Clean your machine
2. Get your account back.
Clean your Windows box.
If you're not feeling up to playing around with things, the site has a security cleanup forum
. It's a very systematic process and they tend to rage out if you don't follow the first post procedures list
. They're good people.
Or if you want to try it yourself, you could try to download malwarebytes; »www.malwarebytes.org
(directish link: »www.malwarebytes.org/mbam-download.php
), update the defs from the installer.
You can run the installer, then download the definitions manually. (direct link: »mbam.malwarebytes.org/database/m···ules.exe
If something kills the process or the internal update is hosed, try it from safe mode w/ networking. If that doesn't work, put it on a pen drive from a clean machine or whatnot.
As a rule I generally disable system restore (it's useless really) and check scheduled tasks because things can hide there or are on a schedule to download again. I deal with a lot of windows malware on a daily basis.
If it finds a rootkit called TDSS, run this fellow; »support.kaspersky.com/viruses/so···08280684
- TDSSKiller. MBAM and most AVs can't touch it. Thank Kaspersky for this tool.
If that finds stuff, you reboot, and internets explorer isn't working (white screen) Tools -> Internet Options -> Connections -> LAN Settings -> disable all that non-sense. Sometimes if you're owned good you will get redirects. Also.. why are you using internet explorer? I have lost so much respect for that browser I don't even capitalize it's name anymore. More on that later.
I'd also follow up with in-browser scans. ESET NOD32 online scan: (works with firefox + msie)
and for the fun of it let's say bit defender online scan:
There are other ones out there as well.
Get your account back.
You'll need to remove that authenticator that was placed on there. Meaning you'll have to wait on hold like an hour for Blizzard Billing. You'll need to have your Vanilla CD key (it's on the game manual. seriously, you'll need this) and know your secret question stuff.
Also - if you have no idea where your key is, you can get it recovered;
Here is Blizzard's statement about everything from their site, tl;dr version;
- Quick version;
Live Billing and Account Services representatives are available to assist you with your questions and concerns.
Hours: 7AM 8PM Pacific Time, 7-Day Support
United States 1-800-592-5499
We have also provided the following numbers for our international customers:
You should change your password too.
Once you get in you'll then have to GM ticket it to get your crap restore which might take an eternity.
To minimize your risk of getting owned again... get an authenticator
. This generates a very temporary random pin number you have to enter in when you log in. When you use an authenticator and get your password stolen, the worst than can happen is someone uses your account to spam the wow forums. That place is a cess pool of idiocy so who cares. Everything else (blizzard games & account management) need the authenticator key. More or less GET AN AUTHENTICATOR IN SOME FORM
. This will save you a TON of trouble.
If you have an iPhone or iPod touch, you can download the Authenticator app for free from the App Store.
:(This is where I get biased.... this statement can cause some serious nerd rage)
Get a real anti-virus. I'm sure the 840 years of free McAfee and Norton from your ISP is the best thing ever. Unfortunately they suck. Sorry. I don't care.
I would recommend NOD32 Anti-Virus
(the more expensive security suite whatever is not worth a lot more $ for a firewall) or Avira Premium
(not that awful avira free non-sense). You can google a discount code for either one. I randomly found this deal for NOD32;
You are probably using Microsoft Internet Explorer. Stop that.
Try Mozilla Firefox
or Google Chrome
. I prefer Google Chrome - it's faster. Firefox has more useful addons though.
Install the Adblock plus addon/plugin and you're on your way to win city. They have purples.
The misc update your flash;
Update your Java Run Time Enviroment (in windows control panel).
If for whatever god forsaken reason you're using Adobe Reader and not FoxIt Reader
, make sure those are up to date to.
That should hopefully get you through it. I'll also probably edit this a hundred thousand times too.