Good afternoon, I was dumb and downloaded a file I shouldn't have on my Win 10 PC. They got into my Instagram, Riot Games, Epic Games and that was all. I changed every single password and added two-factor authentication with Google authentication too to every email and account that is possible, along with my emails. I downloaded the program on Dec 24, 2023 at like 11pm EST. Once I woke up to seeing my accounts accessed, I went on my PC and went back to a restore point on Dec 23, 2023. I then went through a lot of precautions in cleaning my PC.
My specs are as follows
Windows 11 Home 64-bit
Ryzen 7 3700X
RTX 2080ti
32GB RAM
2X M.2 SSD
2X SSD
DX 12
This is what I found in time and dates.
Dec 23: Windows did an update prior to any stupid program downloading.
Dec 24: Downloaded dumb program (Turned PC off prior to me going to bed)
Dec 25: Restore point on Dec 23 prior to me downloading program.
Things I noticed: when I downloaded the program there was a stupid attachment program linked with it, some stupid browser thing that I went to skip but clicked too fast and it installed anyways. So when I went back to my restore point the program remnants were still there, which was a little weird, so I then went through a lot of steps to clean this situation up, along with results.
Installed Malwarebytes and ran a scan that did some work, but I didn't feel like that was good enough so I installed Bitdefender and that also cleaned up a decent amount.
Used MSERT and that took about 6 hours doing all of my drives and that found some hidden files. After that I did an ESET scanner and that came up empty as I did that last, and ran these scans about 5 times throughout the day doing each drive one by one. I think I'm fine; no accounts have been touched for over two days and I have all emails and recovery sent to my phone, which was also being used on WhatsApp, which I found out, so I made a WhatsApp to take control of them trying to use that as a recovery. Still not being comfortable as I was 5 days ago, I kept on Googling advice on what to do and find any oddballs on my PC, and I think I found some that I have tried to google but I don't know what it is and that's why I'm here.
In the spoiler are some questionable apps that are on my private network that I'm not sure of. They're the ones that have the blocked out numbers, which I also don't know if they're supposed to stay hidden off the internet.
I also did the CMD "/netstat" and went through I think it was afb and I understood that was incoming and outgoing connections to IPs. I copied all of them and put them into an IP tracker and most of it makes sense to things such as Spotify, Cloudflare, Google, Valve (Steam) but I don't know what it would look like if someone actually was receiving from my IP. Any help to further enhance my safety of my PC and my personal files would be great.
After watching various videos and reading forums I saw some things people say that you will notice are slow typing response, crazy usage in task manager. I haven't noticed any of that and this is my current status as of writing this post.
1 Google Chrome tab open (For this post)
1 Windows explorer for the images I posted above
1 Malwarebytes in the background (Tray application)
1 Bitdefender in (Tray application)
1 Task Manager
I would post my Task Manager but not sure if anything personal would be on there but I still took screenshots with just the above programs running and have them saved if there's no personal information on it. I hope someone could help me out.
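For the netstat step described in the post, the following is an added example (not part of the original post) that ties each established outbound connection to the program that owns it and to that program's code-signing status, which is usually more telling than looking up the remote IP alone. It assumes an elevated PowerShell session on Windows 10 or 11; the variable names are illustrative.

```powershell
# Added example: map established TCP connections to the owning executable.
# Run from an elevated PowerShell prompt so process paths can be read.

# Established connections, ignoring loopback traffic.
$connections = Get-NetTCPConnection -State Established |
    Where-Object { $_.RemoteAddress -notin @('127.0.0.1', '::1') }

$report = foreach ($c in $connections) {
    # The process may have exited between the two calls; tolerate that.
    $proc = Get-Process -Id $c.OwningProcess -ErrorAction SilentlyContinue
    $path = $proc.Path   # empty for some protected system processes

    # Authenticode status of the binary on disk (Valid, NotSigned, HashMismatch, ...).
    $sig = if ($path) {
        [string](Get-AuthenticodeSignature -FilePath $path).Status
    } else {
        'NoPath'
    }

    [pscustomobject]@{
        Remote    = '{0}:{1}' -f $c.RemoteAddress, $c.RemotePort
        PID       = $c.OwningProcess
        Process   = $proc.ProcessName
        Signature = $sig
        Path      = $path
    }
}

# Entries whose binary is not validly signed sort to the top for review.
$report |
    Sort-Object @{ Expression = { $_.Signature -eq 'Valid' } }, Process |
    Format-Table -AutoSize -Wrap
```

A validly signed browser or game client talking to a CDN is expected; an unsigned executable running from a user-writable folder such as AppData or Temp with a live connection is the kind of entry to look into first.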