I'll give it another scan once I get home from work later tonight. It would just seem really strange considering I didn't even have WoW installed and this was a fresh install of Windows 7. What are the chances I would have picked up a keylogger when I basically never download anything from untrusted sources? I don't even use Internet Explorer anymore because of its security issues.
If you reformatted your computer and installed Win7, and if nothing related to WoW was ever installed or used (websites included) after you installed Win7 it's almost certainly clean, barring anything really exotic. If it was an install in place over your previous OS something might have survived, though it's entirely dependent on the malware and what the install process overwrites or deletes.
Mods that actually run in-game
should be safe, because they will be Lua or XML and won't be stand-alone executables and thus should not be able to escape the game's scripting environment, barring a buffer overflow (they probably exist, I doubt they are mapped out well enough to be exploitable). External utilities like download managers are not safe, but they are relatively trustworthy depending on the source.
Don't trust any website, ever. Flash/Java etc.
should be safe, but in practise are not because large numbers of people have an annoying tendency to scout out ways to run arbitrary code. Buffer overflows, again, are a likely culprit. However, unlike a scripting language purpose-modified for a game, these plugins are very common and frequently used as attack vectors. Thus a specially crafted .swf ad placed on Curse.com could be used to run the attackers code on your computer - until it's taken down. Which is why NoScript is the shit.
Author
