Jump to content

Frauded credit card twice - malware ?

Recommended Posts


Here I come, desperate of what's been happening to me those days.

I had a credit card with the 3 numbers in the back that change every hours before. Then it became a bit expensive so I asked my bank to remove this option. 

4 weeks ago I received a brand new card, I ordered things on amazon and my card was frauded, someone used to do e-commerce shopping (on Auchan website).

So i had to receive a new card, 1 week ago, brand new. I ordered things on amazon, and... today my bank called me to tell me "you have been frauded again". Same method, the hackers buy stuff on Auchan website.


Why am I telling you this ? Because the ONLY WAY that someone could get TWICE my credit cards number would be my PC. Or my phone but I've never ordered stuff from my phone with the new cards.

So I runned a big scan with kaspersky, it found nothing at all. What a useless software...
Then I runned Malwarbytes and of course he found malwares. And I runned Rogue Killer, he found stuff too.


So now I need you to help me destroy those motherf*ckers.

I'm not 100% sure my credit card numbers have been collected because of the malware that i've got.


Please help :D

Share this post

Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.

A few things you should do right now.

Check if your passwords were previously exposed in data breaches

Check if you have an account that has been compromised in a data breach

How to Create a Strong Password


Reset your router. It may be infected. 

How to Reset a Router Back to the Factory Default Settings

Then, please reconfigure it back to your preferred setting.. Below is the list of default username and password, should you don't know it ;)


Reset for Linksys, Netgear, D-Link and Belkin Routers

How to tell if my Wireless is secure.

Make sure you change your password is strong.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file:
In the Reply section in the bottom of the topic Select Click the Choose a File.
Navigate to the location of the File.
Click the file. It will appear in section.
Click the Saving button.

Please attach the logs for my review now and I will check your logs while you take care of the above..

Wait for further instructions

Share this post

Link to post
Share on other sites

Hi there,

I just checked, I have been powned on my principal email. I just changed the password to a stronger one.

Thanks for the other advices about router.

Find attached the files, as asked

Addition.txt FRST.txt

Share this post

Link to post
Share on other sites


Remove this program in bold via the Control Panel > Programs > Programs and Features.
CCleaner (HKLM\...\CCleaner) (Version: 5.45 - Piriform)

Version 5.45 is compromised.


If you need it please download the latest version from this site.

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.

Please post the Fixlog.txt and let me know if the problem persists.


Share this post

Link to post
Share on other sites

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.



Share this post

Link to post
Share on other sites
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.