Malware, Virus, help?

AngelilloPIO

Reputable
Aug 20, 2014
35
0
4,540
In the last month 2 of my accounts were compromised my league of legends and my origin account.

Origin account happened first, I saw the profile, he changed my name the picture almost everything, that is where I think the virus started. Anyways 2-3 weeks after that, I bought a $25 rp card and I put in the code. After some hours and I got off the person hijacked my account, but left everything untouched... Might it have been him thinking it was a credit card?

After that the other day I was in the mall and I get this message saying your security code: ______ and I was confused cause I wasn't requesting anything that needed that.

Today at 2 different times some where 7:44 and somewhere 6:36 it sent a link to the people in my skype.
The link was (http :// flysafe. pw/ foot. php) DO NOT OPEN IT. The word after the / changed so it was (foot, excercise, use, submit, blind, commit, consider, believe, wish)
Then today in CSGO and Overwatch my D randomly stops working, it goes on and off, but I can type in chat with D fine, its just in games.

I used malwarebytes, hitman pro, jrt, rkill, adw cleaner, avast and even the anti virus with windows that came.

It did have a malware that was the first time that I cleared it
and in adw i found 13 threats
in windows anti virus i found one
and after that I do not remember...
Honestly anyway anyone can help?
 
Solution
Just want to point out that if the attacker used your Skype after you changed your passwords, you will need to change your passwords again since they may have still had their keylogger or whatever they used in place. If you changed them after formatting your hard drive, you should be fine.

audie-tron25

Reputable
Mar 23, 2015
498
1
5,165
First off, modify the link (add a bunch of dashes and dots or something) or even just leave the name. Someone will click on it.

I've always found that a combination of ADWCleaner and Malwarebytes usually removes everything. Does any of the software that you've mentioned still find anything? Also, it is possible that you may have had a keylogger which could capture your login details. I would advise you to change your passwords just in case.

EDIT: Who was the security code from? If it was legit, then someone definitely has your login details.
 

AngelilloPIO

Reputable
Aug 20, 2014
35
0
4,540
I did change all my passwords, but I still feel threatened by the fact that it happened after I did all my virus checking... The skype thing was really scary and honestly I am about to restart my PC to stock, even though I do used a pirated windows which was upgraded to windows 10.
 

AngelilloPIO

Reputable
Aug 20, 2014
35
0
4,540


I think the security code was from twitter

not twitter, uber.
 

AngelilloPIO

Reputable
Aug 20, 2014
35
0
4,540

I think this guy is just trying to get a credit card or something
 

IceMyth

Honorable
Dec 15, 2015
571
3
11,165
Hi,

The problem you will need a good antivirus and maleware remover. Even with that might not solve it from the 1st time, as they might exist somewhere else like Temp folder.

Try Malwarebytes (Free version) & Norton Security DELUXE (Free 60days), and go to run>type temp> delete everything there. Then perform complete scan using both softwares.

Also check Task manager for processes running there, as you might have installed something causing them to spy on you and terminate all these process before the scan.

Repeat this until no threats are detected.
Regards,
 

AngelilloPIO

Reputable
Aug 20, 2014
35
0
4,540


Hi thanks for responding!, I just "cleared" my temp file and it said I dont have permission to view this idk if that is normal but it just said to click ok as administrator, I couldnt delete 3 files though once with a lot of letters and numbers, one called _avast_, and another one called avast_ash2
 

AngelilloPIO

Reputable
Aug 20, 2014
35
0
4,540


Hi thanks for responding!, I just "cleared" my temp file and it said I dont have permission to view this idk if that is normal but it just said to click ok as administrator, I couldnt delete 3 files though once with a lot of letters and numbers, one called _avast_, and another one called avast_ash2
 

IceMyth

Honorable
Dec 15, 2015
571
3
11,165


You are welcome,

Nope that is fine, some files are windows and cant be deleted as they are used by some process. To confirm that in Task manager if you see a process you suspect of end it and after you are done try to delete them.

So what is left is to scan your PC with good antivirus and maleware.

Regards,
 

AngelilloPIO

Reputable
Aug 20, 2014
35
0
4,540


Thanks but I think I am going to go with a clean reinstall of windows, this has been haunting me for the greatest time. I feel I can not take anymore risk... D: THIS HAS TO END ONCE AND FOR ALL! MY SKINS DAMMIT!

Also, my ping was very unstable almost as if I was being DDOSeD...
 

IceMyth

Honorable
Dec 15, 2015
571
3
11,165


I agree this is the best solution as it happened many times lol. But make sure you format all partions you have or scan them before you format as they might be infected.

Regards,
 

AngelilloPIO

Reputable
Aug 20, 2014
35
0
4,540


What do you mean format? lol im kinda a noob :c
 

IceMyth

Honorable
Dec 15, 2015
571
3
11,165
hehe it is okay :)

Depend reinstall windows might be just update what you have by replacing only windows files while keeping the current programs. Or it might mean wipe the current drive and reinstall it.

Formatting mean, clear the Harddisk from everything (It will be completely empty) then you do fresh install (Then you will need to reinstall drivers....etc).

Regards,
 

AngelilloPIO

Reputable
Aug 20, 2014
35
0
4,540


Alright I'm on the PC again and I formatted the harddrive, my only problem now is that I cant get my logitech gaming software to work and that is part of my headset so I have no sound. I downgraded to windows 7 ultimate...
 
Just want to point out that if the attacker used your Skype after you changed your passwords, you will need to change your passwords again since they may have still had their keylogger or whatever they used in place. If you changed them after formatting your hard drive, you should be fine.
 
Solution

AngelilloPIO

Reputable
Aug 20, 2014
35
0
4,540


The Logitech Gaming Software supports my mouse and headset for dpi and equalizers but right now they are using system drivers. Logitech crashes on start up... It installed a driver that doesnt let me hear anything on my headset, without LGS I cant have the 7.1 surround system
 

AngelilloPIO

Reputable
Aug 20, 2014
35
0
4,540


Thanks for responding! Yes, I will thank you!