Hey everyone,
I think I've really messed up and possibly compromised my system. Recently, I downloaded a KMS activator for Office from a random GitHub repo, which I know was a big mistake. As soon as I ran it, Chrome crashed unexpectedly.
After a few hours, I got a notification of a login attempt on LinkedIn from Vietnam and an active session on Google from California (which is weird since I'm not even in the US). I also received account verification emails for multiple accounts. That's when it hit me that I might be in serious trouble.
Here's what I did to secure my accounts:
- Logged out of all devices everywhere
- Changed passwords using my phone
- Enabled 2FA on all accounts
- Wiped Chrome, including all app data
- Ran full scans with Defender and Malwarebytes
- Checked startup items and scheduled tasks; nothing suspicious was found.
From what I've read, this seems like a typical infostealer that steals cookies and sessions. I'm confused about a few things:
- Given that I can't see any malware currently, am I really in the clear or still potentially compromised?
- Is it necessary to reset my entire PC or am I overthinking this?
- After logging out and resetting passwords, could they still access my accounts?
- Is there any way to be 100% sure my system is clean?
Definitely learned my lesson about running random .exe files, especially from GitHub! Any advice would be greatly appreciated since I'm trying to avoid getting hacked again!
1 Answer
It's really good that you took those immediate steps to secure your accounts. However, if you suspect that your machine could be compromised, the safest approach is to do a clean install of Windows. Here’s what you can do: use another computer to create a bootable USB drive with the Windows installer. Boot from that USB and completely wipe all the partitions on your drive before reinstalling Windows.
You'll also need to keep your system updated and reinstall the necessary drivers afterward. If you have important files on the machine, make sure to back them up before wiping, but avoid transferring any executables. A full wipe is the best way to ensure everything is clean!

Yeah, I was worried this would be the safest option. I've locked down my accounts (password resets and 2FA), so I just want to make sure my system is clean. I only have a single SSD and a 512GB HDD for other files. Should I back up just personal documents, images, and code, and skip executables? Would "Reset this PC" suffice, or should I go for a complete bootable USB reinstall? I want to be careful and not bring anything potentially harmful back.
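
The answer's backup advice (copy personal files, leave executables behind) can be scripted. The following is an added example, not part of the original thread: it copies a folder tree while skipping files with executable or script extensions, and also files that begin with the `MZ` header of a Windows executable even when renamed to look like a document. The extension list and the function names `skip_reason` and `safe_backup` are assumptions made for this sketch, and the filter only keeps programs out of the backup; it does not scan documents for malicious content.

```python
import shutil
from pathlib import Path

# Assumed denylist of Windows executable, script and shortcut extensions
# (not exhaustive). Scripts are skipped too: Windows runs them on double-click.
BLOCKED_EXT = {".exe", ".dll", ".scr", ".com", ".msi", ".bat", ".cmd", ".ps1",
               ".vbs", ".js", ".jse", ".wsf", ".hta", ".lnk", ".jar", ".sys", ".cpl"}

def skip_reason(path: Path):
    """Return why a file should be left behind, or None if it may be copied."""
    if path.suffix.lower() in BLOCKED_EXT:
        return "blocked extension"
    try:
        with path.open("rb") as fh:
            if fh.read(2) == b"MZ":  # PE/DOS header: an executable under another name
                return "PE header"
    except OSError:
        return "unreadable"
    return None

def safe_backup(src, dst):
    """Copy the src tree to dst without executables. Returns (copied, skipped)."""
    src, dst = Path(src), Path(dst)
    copied, skipped = [], []
    for path in sorted(src.rglob("*")):
        if path.is_symlink() or not path.is_file():
            continue  # directories are created on demand; links are not followed
        rel = path.relative_to(src)
        reason = skip_reason(path)
        if reason:
            skipped.append((rel.as_posix(), reason))
            continue
        target = dst / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(path, target)
        copied.append(rel.as_posix())
    return copied, skipped

if __name__ == "__main__":
    import sys
    # Usage: python safe_backup.py <source folder> <backup folder>
    copied, skipped = safe_backup(sys.argv[1], sys.argv[2])
    print(f"copied {len(copied)} files, skipped {len(skipped)}:")
    for rel, reason in skipped:
        print(f"  {rel}  ({reason})")
```

Review the skipped list before wiping the drive, so nothing you need is left behind by mistake.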