1. I've never clicked a link a Blizzard (or not-Blizzard-but-actually-phishing) email. In fact, I searched through my email and I haven't actually received one except for my initial registration, and a few emails about the beta earlier on. About 3 emails total. I'm going to safely assume it wasn't those.
2. This is a fresh Win7 install (I thought a format before diving into D3 would be nice). The only things I've installed are the few required drivers, MS Security Essentials, Steam (which uses a different username and password), and D3. How did a keylogger get in there?
So what did I do wrong? I think you can understand how frustrating it can be to play it this safe and still get compromised. If the authenticator was my ONLY OPTION to not get hacked other than just not playing the game, then why isn't it included?
I mean, other than the authenticator, I don't see anything else I could have done to prevent this. Let's say I could go back in time and change anything I wanted *except* use the authenticator. What could I have changed to protect myself? WHAT? The only answer I can think of is not use the auction house, but I'm not 100% convinced that's truly the source of the compromise.