So....Just got banned from WoW for some reason...

[Lt_Bromhead]

Check your pc out Lt_Bromhead, You may have a keylogger on yer system.

How does one detect such a thing, may I ask?

Use you anti-virus scan, norton, McAfee, widows defender and run a full scan. I hope you got a firewall and virus protection on your pc dude at least. Also be sure to check the email where it's been sent from sometimes hackers will send an false email to you in hopes you may open it. There is more information on the blizzard website, check my account may have been comprimised page.

Oh, reet.

Yeah, I've got the necessaries. Was just wondering if there was an extra special way of detecting one.

I'll start scanning now.

And I'll get onto Blizz ASAP.

MALWAREBYTES! I cannot stress this enough, it is excellent, it is free and it catches just about everything. I work for an IT company and it's our secondary scanner program after Kaspersky(But that one costs money, TOTALLY WORTH IT). Scan your computer for viruses and keyloggers and make sure to have a firewall active to atleast try and prevent hacks

Sounds like a plan, sir.

Okay - so it seems I might have found something of an...untrustworthy nature...on my system.

Google searched all the processess and found this little chap lurking at the bottom:

"winlogon.exe"

Now it sounds like a winlogon executeable is normally a reliable fellow to have running, as it's your user authenticator within Windows. This is only if it's running from the System32 folder, however, and when I tried to check the properties of this file nothing happened. I tried to open the file's location, and to get it's properties, and nothing happened.
I took a gamble and tried to end the process, but I just got the message "This operation could not be completed. Access is denied". Now I'm using an administrator account, so I should have full access throughout the computer. I know that even vital windows processes let you end them, despite the possible effect on the system.

A bit worried here.

Any advice on what to do, chaps? :/

Download a Linux ISO (Ubuntu 11.04 for the easy way), then hit PenDriveLinux.com for YUMI ? Multiboot USB Creator (Windows) [http://www.pendrivelinux.com/yumi-multiboot-usb-creator/], download and run YUMI to 'burn' the Linux ISO to a USB thumb drive (anything that's 1GB or bigger will work, 4GB is best).
Having your new USB Linux Live Drive (akin to a Live Disk but on a thumb drive instead), reboot the system and hit whichever button the boot sequance tells you to get into a Boot Selection Menu (from which one can boot from optical disc, USB drive, or an internal drive), once there select the USB Drive option and let Linux load up from the USB drive.

Now you are within Linux, and the fake winlogin.exe will no longer work, so you can go through and clear it out (if you have found where it is hiding. if not sure, open firefox and google for it againt, as you've done before here).
Once you've cleared it out (where the virus is hiding will tend to depend if you're running XP or vista/7) you can reboot the system and take the thumb drive out so Windows will boot up once again without the fake winlogin.exe running (as it doesn't exist anymore).

~~~~

I know this might seem a complex procedure, but by swapping to Linux (as a temporary OS on a live drive at least) one prevents any malicious program written for Windows from running so you can clear it out.

I myself have had a problem like this (not full-out banning, but enough that I changed the password to my B.Net/WoW account, changed the email address it was on, changed the password of the original email address, and made sure I'm the only one accessing that address), but it was somewhat easy to get control back and undo any damage done by those who hijacked my account (not to mention killed off the character they created that caused the issue in the first place).

Um.... Could I ask a professional to do that for me?

That seems like the kind of complex thing that I would mess up so unbelieveably badly...

Eh, you COULD pay a computer store techie to do it, but personally I don't exactly trust most places to not tamper with my information beyond clearing off the malware data.

If it'd make it easier, write it down in a notebook as a step-by-step method;
1: Download Ubuntu 11.04 ISO.
2: Run YUMI to burn ISO to thumb drive.
3: Reboot system and run off the thumb drive.
4: Wait for Linux to load and get ready to access your hard drive.
5a: Google for information about malware.
5b: Search the drive ~carefully~ for signs of the malware.
6: Delete all traces of the malware from the system using the information from the Google results as a guide.
7: Tell Linux to reboot system, remove thumb drive when told do and hit enter.
8: Load Windows and check for any signs of malware. If none, you've done the job right.

For those not used to Linux (but don't want to pay out the nose for someone else to do the work), for this sort of situation, read all available information and follow it CAREFULLY.
I can not stress the CAREFULLY enough.

Ehhh.... I'm going to have to get a pro to do it.
I'm not very computer literate, and I'll likely do something stupid. Which will then make the problem even worse.

 

[LordLundar]

People seem to be going on about a "system wipe" quite a lot.

Firstly: I've no idea what this is or what it does. Sounds a little risky.
Secondly: My computer is LITERALLY brand new. I'd rather not do anything that I might screw up seriously badly... :/

A system wipe or purge is just as it sounds like. You wipe all content on the hard drive and start from scratch. In the cas of compromised systems, after you do that, it also includes unplugging all major power sources from the computer for a few hours to make sure the RAM clears out it's data as well (RAM requires power to retain it's data but can have power from the PSU for a while. Once done, you rebuild or reimage the operating system which will restore it to an operational state. Purchased systems will call this "factory standard" as it's the same software wise as if it came from the factory.

It's not inherently dangerous to the system (experts recommend doing a wipe every 6 months to maintain optimal operation) but any data on the system is lost. That means save games, written documents, essentially anything not backed up is gone forever. It's also a long procedure (3+ hours is not uncommon) so it's considered a last resort.