NEW UNDETECTABLE MALWARE

Alright hello everyone, Vanwa Raumo here once again. I right now may be in some sort of a bind. A few days ago one of my clanmates from a game I play called Uberstrike sent a file in our clan Skype chat called "Uberstrike Rap by Chexe.mp3) Seeing the mp3 at the end and ignoring the weirdness of the name "Chexe" I downloaded it like an idiot.

It turns out that I might not have tried to open it, but I cannot recall whether I tried to or not. Today my other clanmates realized that our one clanmate was probably hacked because he had sent that file around to a WHOLE bunch of public chats. To provide you a bit of backstory there are two notorious people in Uberstrike community who are known for spreading malware and such.

The first one goes by the name Dima and is a Russian hacker from Russia. He spread a keylogger that he used to hack peoples Uberstrike accounts and do "funny" stuff like disbanding the most powerful clan in the game. He is friends with one of the best players in the game (whom used to be on the beta testing team with me before he quit and whom I trust). Now his friend claims that this "Dima" is currently too busy with university and was specifically asked by the player whom I trust to stop messing around with people.

The second goes by the name Farmer Ken, he is apparently a farmer from New Zealand who knows his share about computer stuff. He is the more malicious and volatile of the two. While Dima may mess with people for "the lulz" Farmer Ken (who has made hundreds of accounts to replace the ones he has been banned and has changed his IP equally as many times to avoid the IP bans) does it out of spite and the fact that he has a very terrible temper. He is notorious for hacking the game multiple times and for spreading links to keyloggers around.

The other day Farmer Ken posted on an account in the forums and I called him out for being more trouble than he is worth. He responded angrily as usual. That leads me to believe that he tried to get at me either directly or indirectly by some file or another. Now I do not know how exactly my clanmate came by this file, I can ask him to post here. But like I said before one of my other clanmates had been hacked in a similar way. This hacking was mainly of their Skype client. Both of them sent files around. The first ones account was also used to verbally abuse certain people that the hacker may have had a beef with. The second one merely acted similar to how he usually does but sent the file that was apparently the mp3. However the real person (if it was him) claimed that he could not log on to his account which prompted him to make a new account and ask everyone to delete him from the conversations. There recently was a contest for user created rap songs and some of them were pretty badly done and funny to listen to, which explains why I would accept such a file.

So now that you know a bit of backstory I will explain my current dilemna. Today I realized it was a dangerous file so I checked to see where it was. It was in Documents, I expected it to be in Downloads but that might be because of the way that Skype opens things. There were two files. The first was labelled as an Application called Chexe-Rap about Uberstrike by Chmp3 The second was a PART file called Chexe - Rap about Uberstrike by Chtrap.exe.mp3

Both are currently sitting in my Recycle bin awaiting deletion. However both of the files are apparently 0 bytes in size. Neither were detected by a full scan by Microsoft Security Elements. Neither were detected as a threat when I individually scanned them. The reason I am keeping them is because they might have been opened by me (I do forget because I might have pressed the Open button in Skype without first looking at them in the folder :S ) and I dont want to lose trace of the original. The second reason is that perhaps someone with knowledge about software could inspect them and they perhaps could be added to virus databases.

If you have any words of advice please post here. If you want the file I do have a skype. There hasnt been any suspicious activity other than the internet being super slow suddenly last night (which was fixed by restarting the modem) but the fact that I have made a few Paypal purchases in the last while is unsettling if its a keylogger. None of my other accounts seem to have been compromised...yet.
Thanks for reading
VanwaRaumo.
24 answers Last reply
More about undetectable malware
  1. Have you tried a MalwareBytes scan of the files ?
    I Would definately run it just to be sure.
  2. Running one right now. Either way is there a way to notify companies that have security software about this threat?
  3. Most Anti-virus companies have an email address to send files to.
  4. I came across a website I found from Maximum PC's April 2012 magazine that recommends uploading a questionable file to virustotal website (just google it, first link). It'll use many different antivirus and antimalware programs and let you see how it fairs with all of them. Hope this helps.
  5. Malwarebytes, SuperAntiSpyware then Combofix if they don't fix the issue I doubt anything will.
  6. rkill and then malwarebytes
  7. Okay thats 2 for 2. Malwarebytes seems to think my computer is fine. I do have the files in the Recycle Bin its just the fact that they appear to have no file size that is worrying me.
  8. Wait a second, even though it said there are no "bad files" on my computer I just opened Skype and it said that Malwarebytes has blocked access to a potentially dangerous site, I will try to get a screenshot of the websites IP.

    EDIT: I checked Malwarebytes logs and this is what it said

    IP-BLOCK 91.188.48.87 (Type: outgoing, Port: 21525, Process: skype.exe)
  9. Okay I looked up that IP address and its registered to someone in Latvia who apparently is called SIA IZZI
    I searched this "Sia Izzi" and got this: http://malwareint.blogspot.com/2010/09/criminal-activities-from-bkcnet-sia.html
  10. http://whois.domaintools.com/91.188.48.87

    http://www.izzi.lv/
    Seems to be an Internet Service Provider, who have a dynamic pool of ip addresses, which their users use.
  11. As others have stated, Malwarebytes+Antivirus, and if that does not catch anything (but you are sure you have something) then it is time to reformat and try again :)

    It may be time to find a new/safer addiction
  12. VanwaRaumo
    one reason your computer may still be prone to the malware is because it resides in your recycle bin, to totally remove the malware you need to empty your recycle bin to remove the file
  13. Did a bit more digging and found this: http://lv.linkedin.com/pub/dmitry-kohan/30/533/563 Dmitry Kohan. Dima is the nickname for Dmitry, however according to the player, if he may be trusted, the Dima that is responsible for some of the trouble at Uberstrike lives in Omsk, Russia and goes to University there. There was a video he posted a while back too of a bear in some dump he appeared to be working at so once again I have my doubts he is Dmitry Kohan. I will try to find the video to see if they look similar.
  14. BrookD1995 said:
    VanwaRaumo
    one reason your computer may still be prone to the malware is because it resides in your recycle bin, to totally remove the malware you need to empty your recycle bin to remove the file

    Okay I will do that but they have no filesize which really worries me. Could this mean that they somehow reside somewhere else secret?
  15. Another update: I used VirusTotalUploader 2.0 and used the process scanner. Apparently SUPERAntiSpyware detected this: Trojan.Agent/Gen-Krpytik
    That makes sense seeing as it is Skype that is usually compromised. Also if we do find the person who is doing this is there any possibility of getting them in trouble with the law or do they frankly not care over there?
  16. malwarebytes will only find it from a clean boot, or after rkill has been used to stop any processes that are a problem.
  17. You haven't said if you have rebooted since the suspected infection. If you launched the exe inadvertently chances are very high it is in memory. This means it may create zero byte files awaiting for you to shut down and reboot to write the exe back to the system and relaunch itself when you reboot via registry entries or auto start locations. However both Malwarebytes and Superantispyware should check current memory, registry entries and do a scan of system files to look for this kind of behaviour. You should have an antivirus program that is a little more robust than MS Security Elements. In my experience it couldn't catch crap and is useless. Also, do you use any firewalls?

    Either way once you have run full scans of malware and antivirus you need to reboot, check your msconfig for strange executable, delete all your TEMP files and have a strong customizable firewall running at all times. There are a few more things you can do but this generally roots out most stuff. I work at a large University with people that always catch stuff and this works most of the time. I run stronger defense at home and have not caught anything in to many years to count. PC are extremely safe if you learn how to manage them.
  18. Okay thank you. I do have the firewall that comes with Windows but nothing else. I am also not very well versed in it. What free antivirus, firewall and antimalware programs do you recommend or what ones are very good but not too expensive (under 30 bucks would be nice).

    I have restarted several times since I downloaded the file and just did before and ran another full scan with malware bytes. If I totally uninstall Skype and restart it would that clear it? However it may be a keylogger which is why I havent been taken over (I save my password) Also I dont want to have to totally reformat my computer as I just downloaded a few hundred gigs of Steam games. :S

    The last time I fell for a virus was last year when I was far less careful. I cant believe I let my guard down, especially when my other clanmate had the same problem. Well we learn from our mistakes, I just hope this one isnt too massive and I get my bank account cleaned out because he keylogged me when I was logging into Paypal.
    Once again thanks for the help guys, I really appreciate it.
  19. Hrmm now Malwarebytes is blocking a new IP address. IP-BLOCK 95.169.190.199 (Type: outgoing, Port: 21525, Process: skype.exe) This time its from Russia, not Latvia.
  20. Sounds like you have a rootkit.

    rkill is great, but you have to know what your looking for. rootkit revealer is great for finding stuff that is trying to hide from windows, if you find any rootkits, then try to download and run icesword.

    If you have another PC to do the downloading on, that would be recommended to prevent the downloads from being corrupted or the /exe's from being blocked by the malware.

    Good luck!
  21. For those who care to read this is a logfile from Hijackthis. I noticed a lot of processes that have missing files and are fishy in general.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:35:32 PM, on 06/03/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
    C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
    C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
    C:\Program Files (x86)\iTunes\iTunes.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Brandon Rauser\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Brandon Rauser\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Brandon Rauser\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [CAHeadless] C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
    O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 11681 bytes
  22. Well rather than take the risk of not fully cleaning out my PC I am going to reinstall Windows 7 once again. This time Im going to save my steam games to DVDs and geta good antivirus, (Kaskpersky was recommended to me by a long time PC user). Im going to get a keyscrambler too to prevent my keys from being logged.

    Thanks for all your guys help, I really appreciate it.
  23. Hello,
    I am the clan mate who's Skype was hacked. I also had a minecraft account hacked a couple months ago. I am on a mac, and I don't know what to do to get rid of the hacker. There must be something in my computer because I have had two accounts of mine hacked. I'm just scared that the hacker will get access to my Facebook. I don't know where to look or how to remove anything that might be in my computer. Can anyone help me out?
  24. Hello once again. Another Mac user on Skype was compromised and lost control of his account to whoever started distributing this disguised file. Malwarebytes has once again blocked outgoing signals to what appear to be locations for VPNs and or proxies. I want to format my disk to be rid of this file but I was informed that its possible the malware may have created a partition on my disk hidden to Windows and or gotten itself onto the boot sector. Is there a way to get rid of it short of smashing the disk into bits? Thank you very, very much.
Ask a new question

Read More

Security Windows 7