K, so I followed a link, some guy jacked my steam account, now he's selling it for 15$. I got a contact on my friends list that talked to him and he said he can see what I'm doing and move my mouse or some shit. Currently have AVG running. Malware bites freezes when I try to run a scan. I called my ISP, but they're fuckheads. Restarting in safe mode now. Please help.
It was a java script that fuckled me over, I dont know what the suite was, but he sent this to my friend.
[URL]http://www.hackforums.net/showthread.php?tid=332417[/URL]
Also, rate me dumb cause I got my account jacked, and I never thought I would, EVER.
You tried Malwarebytes in safe mode? You should probably see to contacting Steam support about recovering your account too.
get a firewall / re-format your pc
Ok, I'm in safemode, Malwarebytes works now. It removed an infected Boot.exe, and two infected regristry files. I doubt I got it all. Can someone check that website out for me?
-goddamnit wrong thread.-
It won't let me view his thread.
Steam customer support before it's too late.
Selling Steam accounts is illegal too, so he might get a some sort of punishment for that.
[QUOTE=paul simon;20946228]Steam customer support before it's too late.
Selling Steam accounts is illegal too, so he might get a some sort of punishment for that.[/QUOTE]
Yep, he's selling it. Should I screen shot it?
fuck, can't view the page now...
I did get his email though :v:
-snip-
He took my account down because I discovered him.
[QUOTE=RedBlade2021;20947179]He took my account down because I discovered him.[/QUOTE]
Good! Damn I hope you get your account back.
I just talked to him, that conversation went something like this:
[quote]
Wednesday, March 24, 2010
8:50 PM - Luxo: redblade, that you or is it a douche bag?
8:50 PM - RedBlade2021: hey how abought this
Call from RedBlade2021 started.
8:51 PM - Luxo: lol what
8:51 PM - Luxo: didn't even here that
Call with RedBlade2021 ended.
8:52 PM - Luxo: I'll just assume it's a douchebag
8:52 PM - RedBlade2021: yes
8:52 PM - RedBlade2021: read my name
8:52 PM - Luxo: WHAT'S UP DOUCHEBAG!
8:52 PM - RedBlade2021: Sex
8:52 PM - Luxo: SO DOUCHE BAG, WHAT SOUND DOES A DRAGON MAKE?
8:52 PM - RedBlade2021: RAWWWR
8:53 PM - Luxo: NOPE!
8:53 PM - Luxo: SUCK MY DICK ASS HAT!
8:53 PM - Luxo: ON SECOND THOUGHT! i've got your mom for that
RedBlade2021Mypassowrd wordpass is now Offline.[/quote]
I hope you can get you account back.
got a call from another IRL friend on steam about him.
Edit: shall i call steam for scammed account so AT LEAST he wont be able to use it anymore?
plus, the new owner will lose money out of it.
[QUOTE=ProgramFiles;20947550]having fun with the scammer.
unless its really you.[/QUOTE]
It's not really me. This is a pain in the ass.
I'm talking to the guy right now. I'm pretending like I think it's still you. :v: This will be fun for me anyways.
[QUOTE=dArKnEsS_2;20947621]I'm talking to the guy right now. I'm pretending like I think it's still you. :v: This will be fun for me anyways.[/QUOTE]
As far as I know, he doesn't know about FP, but I do know about his thread. I sent a pic where he posted my info to Steam Support. hopefully they see it before it gets VAC banned.
Also, I talked to Loopy earlier on my mobile. told em to not worry much about it. The CD key prolly saved my ass, as I only use Visa gift Cards.
Yeah, I talked to Loopy about it. I'm one of two people still on his friends list because I removed the [:D] tag and played it cool like I don't know about the hacker.
Scanning using the software you posted...
...anyway, hope you get your account back.
PS: make sure next time to ask for an E-mail verification, forcing the scammer to know your own e-mail password so he can change your steam password
[QUOTE=ProgramFiles;20947770]Scanning using the software you posted...
...anyway, hope you get your account back.
PS: make sure next time to ask for an E-mail verification, forcing the scammer to know your own e-mail password so he can change your steam password[/QUOTE]
Will do PF
[editline]09:27PM[/editline]
There is a keylogger. Malwarebytes takes care of it though
Does malwarebytes take care of it even if i am not in safemode?
[QUOTE=ProgramFiles;20948125]Does malwarebytes take care of it even if i am not in safemode?[/QUOTE]
No idea.
[quote=Malwarebytes]
Scan type: Full Scan (C:\|)
Objects scanned: 608076
Time elapsed: 1 hour(s), 56 minute(s), 46 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 6
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 10
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Cerberus (Backdoor.Trace) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\libsndfile-1.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\NxCharacter.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\NxCooking.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\ortp.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\PhysXCore.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\PhysXLoader.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Windows\System32\28463 (Keylogger.Ardamax) -> Quarantined and deleted successfully.
Files Infected:
C:\Windows\System32\28463\WKJC.009 (Keylogger.Ardamax) -> Quarantined and deleted successfully.
C:\Users\Derek\AppData\Local\Temp\MSN.abc (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Kenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\Users\Derek\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\libsndfile-1.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\NxCharacter.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\NxCooking.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\ortp.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\PhysXCore.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files\PhysXLoader.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
[/quote]
Take a gander, team.
i hate these scammers. i almost got hacked before. do u have any personal stuff on your account?
26 objects infected... if there any similarities between your scan and mine, that mean the scan process will be sucesfull
Hit me up with your account username, I am a respected member on these forums (I assist with white hat issues) and I'll get your account. HF are noobs.
Did you do a quick or deep scan with malwarebytes?
Deep, I think.
Almost got my account hacked over steam once. Microsoft Security Essentials saved my ass, as well as many other security-breach countermeasures on my internet.
Valve really needs to work on security. I don't feel safe taking chances of hackers stealing all my games. And if the hacker is doing it just to troll people, it's even worse, because he'll likely get your account VAC banned on purpose. And Steam Support states that they will never unban you, even in that case.
[editline]09:49PM[/editline]
[QUOTE=MUFC2007;20948377]Hit me up with your account username, I am a respected member on these forums (I assist with white hat issues) and I'll get your account. HF are noobs.[/QUOTE]
You can trust this guy.
You were infected with a backdoor trojan, most likely Turkojan or Prorat, get searchin' in that registry.
I'm hoping I didn't get anything. :ohdear:
Sorry, you need to Log In to post a reply to this thread.