Where you keep your private key for 2FA?
What device you use to generate the 2FA - is that virus free too?
Were your computer and 2FA device virus free when you enabled 2FA?
These are some problems to think about. If all this don't lead to a possible backdoor, then the only solution remaining would be a fraud from the website where you had the money.
My private key would be on my Android phone. The phone is running AOSP and there are just but a few games on there and some Apps I use for day to day. I don't really see my phone getting infected.
My computer was virus free. I really can't see myself getting a virus and I do not install malware on my computer.
I don't think I'll trust havelock anymore. They stopped replying to my E-mails, so I don't think they have any plans of returning my coins.