I think I've infected my computer with a Remote Access Trojan (RAT) after downloading a ZIP file. Since this incident, my accounts (including Google, Riot Games, Discord, Twitter, Instagram, Snapchat, and Telegram) have been compromised. I even interacted with the attacker through my Riot account before they took over, and they demanded $50. I've tried running Windows Defender and the Malicious Software Removal Tool, but they found nothing. I've fully reset my PC and changed my passwords from a different device, yet the attacker still manages to access my new passwords. What steps can I take to ensure this RAT is fully removed and my system is secure?
4 Answers
Also, double-check your email rules. I've seen cases where attackers set up forwarding rules to snag your emails as they come in. It's a sneaky way of maintaining access.
If the attacker installed a RAT, they could have control over your system while it's online. This means they could be using keyloggers to capture passwords or viewing your screen directly. It's crucial to ensure you have clean backups of important data because you might not want to trust your hard drive again after this.
And check to see if there's any unusual software installed on your system. It's always good to do a clean sweep before resetting!
Reinstalling Windows is the best solution here. Just make sure to use a USB media creation tool to do it. Don't rely on the reset option; a clean install is more effective against infections like this. Instructions for creating the installation media can usually be found on the official Windows support site.
Totally agree with that! Just be sure to back up your important files first, but be cautious to avoid saving anything potentially infected.
And make sure to use a different device to create that USB drive to prevent any potential infection from spreading!
It sounds like your email may be compromised too. Change your passwords everywhere and enable two-factor authentication where possible to add another layer of security.
Absolutely! When you reinstall, consider using a password manager for creating distinct and secure passwords for your accounts.