A few days ago, I accidentally downloaded a game trainer from what I thought was a legitimate site, but it turned out to be fake. I ran the file and immediately felt something was off. I tried to delete it, but it was associated with some Nvidia process and wouldn't go away. After restarting my PC, I managed to delete it and ran a Defender scan, which came up empty. I then downloaded Malwarebytes, did a full scan, and it found some malware and quarantined it. However, I'm not sure if the downloaded file was included in that scan. When I checked back later, I found out that my Discord account was sending out crypto scam messages while I was away, signaling that my account had been compromised. I quickly changed my email passwords and added two-factor authentication. There's a text file on my PC with all my other account details, and I'm terrified it might have been accessed. I ran the suspicious file through VirusTotal and it showed several positives, indicating it could be a Trojan. Is this just a token grabber? What steps should I take next? I'm considering completely resetting my PC and reinstalling Windows.
2 Answers
First off, yes, it sounds like you got hit with a token grabber or similar malware. The best course of action is to nuke your system and reinstall Windows to ensure everything is cleared. After that, change all your passwords from a different device. Also, for future browsing, I recommend using a browser like Chrome or Firefox with ad-blockers like uBlock Origin to prevent these kinds of situations.
You're right to be stressed; this is serious. After reinstalling Windows, change all your account passwords using a secure device. Ensure you're doing it from a different computer or your phone to avoid further issues. And yes, running your antivirus in safe mode can help get rid of persistent malware!
Got it! I’ll make sure to do that.
Thanks for the advice! I’ll definitely consider using those tools in the future.