Question How do I get rid of serious malware?

Toggle sidebar Toggle sidebar
Status
Not open for further replies.
W

wallsbrett6

Reputable
Oct 25, 2015
43
0
4,530
Hi, my accounts have been getting hacked into, and its been happening for awhile. Ill start from the beginning for everyone. One day, maybe February of last year, I was playing Battlefield 1 on my gaming computer. After a long night of playing, I went to bed and when i woke up in the morning I had over 5 emails saying there has been a new log in from another device (Somewhere from Russia, another from Germany and so on). Pretty startled by this, I decided to crack down on my security for both my Google Email and my EA account email. I had changed the passwords for both accounts and restarted my PC. surprised, I woke up the next day and found my accounts were still being hacked into. Even my steam account was hacked into. I use the same email for both my EA account and my steam account so maybe that is how it happened. One thing i have noticed is that the accounts I did not sign into on this computer were still safe (to the best of my knowledge). That got me thinking, maybe I have a key logger. It wouldn't be a surprise to me because I do pirate games off of suspicious websites and that very well may be the cause of all of this. I decided to perform a virus scan, a rootkit scan, and all the other types of scans i could think of. I even wiped the hard dive and reinstalled windows 10 using there built in tool that lets you do so. Even after a full system wipe, my problem still persists and i'm starting to think there is no hope for my gaming PC. I know I may have brought this on myself with my suspicious activity, but I definitely have learned my lesson and i'm asking for any help on how to solve this problem so I can safely buy games, play online, and just enjoy being in the PC community without the worry of all of my accounts being bombarded by overseas hackers. Thank you all and I hope we can work together to come to a solution.
 
Sort by date Sort by votes
Are you sure that those emails actually where from steam/EA etc? Where you still able to access your acounts after receiving this emails? If they where hacked, they would most certainly change the password of the accounts. Most cases you just receive emails that are made to look like they are official and real. Also called a phishing attack.

Set up 2 factor authentication on all the accounts, think most gaming/email and so on accounts should support that.
 
Upvote 0 Downvote
Spaceghaze said:
Are you sure that those emails actually where from steam/EA etc? Where you still able to access your acounts after receiving this emails? If they where hacked, they would most certainly change the password of the accounts. Most cases you just receive emails that are made to look like they are official and real. Also called a phishing attack.

Set up 2 factor authentication on all the accounts, think most gaming/email and so on accounts should support that.
Click to expand...
Spaceghaze said:
Are you sure that those emails actually where from steam/EA etc? Where you still able to access your acounts after receiving this emails? If they where hacked, they would most certainly change the password of the accounts. Most cases you just receive emails that are made to look like they are official and real. Also called a phishing attack.

Set up 2 factor authentication on all the accounts, think most gaming/email and so on accounts should support that.
Click to expand...
Thank you for your reply! I have set up 2 factor authentication for all of my accounts and my problem still persists. There has been once instance where my account password has changed as well, although it doesn't happen much anymore since I've set up 2 factor authentication.
 
Upvote 0 Downvote
Assuming NOT a social attack and actual worst case scenario:

Normally I would say you would need access across a JTAG interface to write a custom firmware to the drive. Proof of concept hacks have indicated otherwise.

Various proof of concept attacks for UEFI BIOS infection exist as well

I believe the Windows Platform Binary Table was a problem with a Lenovo specific rootkit. that Lenovo insisted be present on your system.

Any boot tools you have created using the infected system are subject to being infected themselves. Any chance of cleaning will involve tools created from a known clean system.
 
Upvote 0 Downvote
Assuming actual persistent malware, not a social engineering attack, and NOT a firmware / BIOS package left behind:

Unsure how you are shutting down your system. Complete power down by pulling system power recommended after doing your soft power off.

Like a virus, any and all programs are suspect if they have been written to. Any files subject to malware injection are suspect. This includes your backups since typical data hygeine is poor.

Use a tool such as parted magic , created on a known clean computer, to boot the system from a cold state, and completely wipe all drives, in case of MBR / VBR malware. (Any tool created on the computer is suspect)

Alternatively, you could try the DD command from a linux boot as well and just zero out chunks of the structure at the beginning and end of the drives
 
Upvote 0 Downvote
wallsbrett6 said:
It wouldn't be a surprise to me because I do pirate games off of suspicious websites and that very well may be the cause of all of this.
Click to expand...
Not "very well may be"....is.

Wipe clean and reinstall. All drives, all partitions, all data.
Wipe it clean.

How To - Windows 10 clean install tutorial

If you are looking for the Windows 11 Clean install tutorial, you can find that here: Windows 11 Clean install tutorial (Click here) Otherwise, welcome to the Windows 10 Clean install tutorial This tutorial is intended to help you, step by step, to perform a clean install of Windows...
forums.tomshardware.com forums.tomshardware.com
 
  • Like
Reactions: wallsbrett6
Upvote 2 Downvote
USAFRet said:
Not "very well may be"....is.

Wipe clean and reinstall. All drives, all partitions, all data.
Wipe it clean.

How To - Windows 10 clean install tutorial

If you are looking for the Windows 11 Clean install tutorial, you can find that here: Windows 11 Clean install tutorial (Click here) Otherwise, welcome to the Windows 10 Clean install tutorial This tutorial is intended to help you, step by step, to perform a clean install of Windows...
forums.tomshardware.com forums.tomshardware.com
Click to expand...
Thank you for your reply. Would you recommend a new HDD or sdd or would wiping the drive and doing a clean install of windows solve my problem?
 
Upvote 0 Downvote
Spaceghaze said:
With 2 factor authentication it should not be possible at all to change or login for someone else then you.

The emails that you are getting now, do they say that someone actually logged into the account, tried to, or is it just that someone requested a password recovery/forgot the password?
Click to expand...
Thank you for your reply. The email is an official email from ea that says there has been a new sign in from the web using my email and EA info.
 
Upvote 0 Downvote
wallsbrett6 said:
Thank you for your reply. Would I need to purchase a new copy of Windows 10 to install onto the hard drive?
Click to expand...
If reinstalling in the same system, no.

Follow the steps here:

How To - Windows 10 clean install tutorial

If you are looking for the Windows 11 Clean install tutorial, you can find that here: Windows 11 Clean install tutorial (Click here) Otherwise, welcome to the Windows 10 Clean install tutorial This tutorial is intended to help you, step by step, to perform a clean install of Windows...
forums.tomshardware.com forums.tomshardware.com
 
Upvote 0 Downvote
Status
Not open for further replies.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom