I accidentally downloaded something harmful and unknowingly allowed access to a program trying to breach my browser from my device. This led to someone accessing my Instagram and Discord accounts, bypassing my two-factor authentications, which suggests they might be using a session stealer. I quickly logged out of all Chrome sessions and cleared my cookies, deleted all passwords from my password manager, and changed every password I could think of.
After that, I ran multiple antivirus scans with programs like Malwarebytes, HitmanPro, Adwcleaner, and ESET (which is still running). They found a few threats, and I removed them all and rebooted my computer after each scan.
However, I received a Google warning indicating that an unknown device was trying to access my secondary Google account, although it didn't specify the device's location. I blocked it immediately. Does this mean the malware is still active on my PC, or is it just utilizing the stolen cookies, sessions, and passwords? What steps should I take next?
2 Answers
It's best to stop using your PC for now since it seems compromised. You don't want to risk further exposure or damage to your accounts.
To be safe, you'll likely need to do a clean install of Windows. It'll wipe everything and ensure all malware is gone.
Yikes! How can I tell which files I can migrate? I've got some important work stuff on there!