Last week, I was trying to download a game online. After waiting for a while, I decided to cancel the download and deleted all the visible files associated with it. Since then, I've experienced some issues like my Discord freezing and my monitor flickering black occasionally, which I initially thought was due to my setup.
However, I ran a full scan with Microsoft Defender and discovered a Trojan named 'PowerShell/AgentTesla.SHDIMTB' on my system. I noticed that 7-zip was installed recently, even though I'm using a new PC and have never used that program. I deleted both the Trojan and 7-zip, then changed my passwords for Google, Steam, and Microsoft as a precaution.
I'm planning to back up some important files to a USB or Google Drive, then wipe my entire PC to be safe. I really hope that will solve the problem, but I'm not very tech-savvy and I'm not sure if that's enough.
Here's the part that's making me anxious: I've been on Discord calls with my boyfriend, sometimes using my webcam in NSFW situations while this Trojan could have been active. I'm terrified about the possibility of someone seeing that, but I hope the Trojan is just an automated program that steals data without alerting a real person. Is that a common scenario, or should I be worried about a targeted attack? Also, I haven't received any threat emails yet, which gives me some hope. Am I doing the right thing to handle this situation?
2 Answers
It’s a good idea to always be cautious about downloads, and don't feel too bad about it—many of us have been in your shoes! In terms of the RAT, many of them are set up to automatically collect whatever they can without sending a notice to the wrong people. However, if you didn't receive any threat emails yet, it's likely that you're in a better position than you think. Just make sure you wipe everything properly. The software you mentioned, Remote Desktop, can be a bit concerning, so definitely include that in your cleanup scope!
Yeah, I feel you! Just take it step by step, and you'll be alright in the end!
First things first, it sounds like you've already taken some good steps. Disconnecting your PC from the internet is a solid move. For the safest reset, you should definitely create a bootable USB with Windows installation on a different, secure PC. As for your passwords, changing them, especially for sensitive accounts, is a smart idea. Make sure you enable two-factor authentication on those accounts too! If you're worried about the Trojan, wiping your system clean is definitely the way to go. You might want to ask a tech-savvy friend or family member for help with the whole reinstallation process if you're unsure about it. Trust your instincts and prioritize your safety!
Just to add on, if you do wipe your PC, you’ll want to check if the option in settings covers a full reset or just a quick one. A full reset is ideal. And yes, you can do most of the setup without plugging back into the internet initially.
Thanks for the tips! I really need some backup here since I’m not super techy. I’ll definitely ask for help.
Thanks for the reassurance! I guess the cleanup is my best move. I’ll just try to wipe it all clean and start fresh.