I downloaded an .exe file to my internal storage and, against my better judgment, ran it. A day later, I received a notification from Google about strange activity on my account. I deleted the .exe shortly after that, but it hasn't stopped the issues. Today, I noticed an Amazon order charged to a card that isn't mine and sent to a location I don't recognize. I need to know how to effectively remove the virus from my system. Also, I have external hard drives connected to my PC at all times—do I need to format them and lose all my data, or can I avoid that?
4 Answers
While you handle this, make sure to change your passwords for all of your accounts and enable two-factor authentication. Avoid using the infected computer as much as possible. Using a password manager can help you create strong, unique passwords without needing to remember them all.
Definitely! Look into Bitwarden or LastPass—they're both user-friendly.
First things first—disconnect your PC from the internet to prevent further issues. Then, use a different computer or your phone to change your passwords. Make your email secure as that’s often the key to everything. After that, I recommend booting from a USB with Linux, transferring any important files to a new external drive, and then wiping your infected drives before reinstalling Windows.
Should I back up anything from the infected PC, or is it all potentially compromised?
Only back up files that you are absolutely sure are safe. Better safe than sorry!
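One way to do the file-transfer step from the Linux live USB while keeping only plain data files, as an added example that is not from any poster in this thread: it copies files whose extension is on an allowlist and skips anything whose first bytes are an executable header, even when the name looks like a document. The extension allowlist, the function names and the mount paths are assumptions, and the check does not inspect document contents such as macros.

```python
import os
import shutil
import sys
from pathlib import Path

# Assumed allowlist of data extensions worth keeping; adjust as needed.
DATA_EXTENSIONS = {".jpg", ".jpeg", ".png", ".pdf", ".txt", ".csv",
                   ".mp3", ".mp4", ".docx", ".xlsx"}

# Leading bytes that mark executable content regardless of the file name:
# Windows PE ("MZ"), Linux ELF, and script shebangs.
EXECUTABLE_MAGIC = (b"MZ", b"\x7fELF", b"#!")


def classify(path: Path) -> str:
    """Return 'copy' or a reason string for skipping the file."""
    if path.is_symlink() or not path.is_file():
        return "skip: not a regular file"
    if path.suffix.lower() not in DATA_EXTENSIONS:
        return "skip: extension not on allowlist"
    try:
        with path.open("rb") as fh:
            head = fh.read(4)
    except OSError as exc:
        return f"skip: unreadable ({exc.strerror})"
    if head.startswith(EXECUTABLE_MAGIC):
        return "skip: executable header behind a data extension"
    return "copy"


def triage_backup(source: Path, dest: Path) -> dict:
    """Copy allowlisted data files from source to dest, keeping the layout.

    Returns {relative_path: decision} so skipped files can be reviewed.
    """
    report = {}
    for root, _dirs, files in os.walk(source, followlinks=False):
        for name in files:
            src = Path(root) / name
            rel = src.relative_to(source)
            decision = classify(src)
            if decision == "copy":
                target = dest / rel
                target.parent.mkdir(parents=True, exist_ok=True)
                shutil.copy2(src, target)
            report[rel.as_posix()] = decision
    return report


if __name__ == "__main__" and len(sys.argv) == 3:
    # Example: python3 triage.py /mnt/windows/Users/me /mnt/newdrive/backup
    for rel, decision in triage_backup(Path(sys.argv[1]), Path(sys.argv[2])).items():
        print(f"{decision:50} {rel}")
```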
If you've run a suspicious file, you should definitely take immediate action. Start by performing a clean installation of Windows using a USB drive. You can find detailed instructions if you search for clean installs in this forum. Meanwhile, change all your passwords using a different device, set up two-factor authentication on your accounts, log out any unrecognized devices, and keep an eye on your accounts for unusual activity. It's also recommended to freeze or replace any credit cards that may have been compromised.
Is it really necessary to do a complete wipe? Can't you just run an antivirus?
Running antivirus is good, but a clean install ensures that anything hidden is removed. It's the safest option.
Before proceeding with anything drastic, I suggest running a scan with VirusTotal and doing a Windows Defender offline scan. Some scam emails could just be phishing attempts without necessarily implying a virus on your machine.

Using a password manager sounds smart. Are there any free ones that you recommend?