And just a heads up for people talking about online wallets, Blockchain.info being online isn't what made it hackable in this case. If your computer is compromised - as appears to have been the case here - then any bitcoins that computer has access to, either on local wallets or online wallets, are in jeopardy.
Trust me, I would love to catch them.
The most frustrating thing is I have NO idea how I got a keylogger. That has never happened before, and I wonder if I was targeted somehow by someone I know. The only explanation for that, would be somehow my TeamViewer had a password I used somewhere else that was leaked, but it's impossible to verify now.
I had no idea you could use 2FA for Teamviewer or I would have. I also should have had a stronger and more unique password there obviously.
I also would have used the On-Screen keyboard for blockchain.info or any sensitive passwords, and turned off blockchain email backups of my wallet, which they stupidly had on in default settings.
I would even consider restricting login to certain IP addresses. I thought about this many times but was worried I'd lock myself out somehow.
Any of those things may have saved me. I am still not sure if Tor use had anything to do with it, but if it did, that's even more upsetting.
And NEVER have trusted Google to protect my account in any way shape or form.
The irony I just put all my BTC there for safekeeping the week before is what really astounds me.
Google 2FA = total failure.