Not too long ago I noticed my AV was acting funny. I use Kaspersky Internet Security (the paid ver) and it was not opening. Attempts to reinstall it were unsuccessful, and so I decided to install malwarebytes and see if it was a Kaspersky issue or an issue with my PC. A MB scan identified 29 threats and I quickly quarantined them. I promptly attempted to reinstall Kaspersky (and was forced to uninstall malwarebytes in order to reinstall the program) and was successful. Unfortunately in my panic I failed to think that the malwarebytes log may be have been helpful in finding out what exactly I had been infected with (or if it had simply been a weird occurrence/false positive). The only part I remember about the log was one of the files being described as a “backdoor” and I quickly “noped” out of that, immediately quarantining the files.
Immediately afterwards I had done a full scan on Kaspersky, used hitmanpro’s free version as a second opinion, and did another Kaspersky scan two weeks later. All of which came up clean.
The reason why I am still considering the fact that this may have been a strange false positive is that no strange activity happened on my PC leading up to or after the discovery of the infection. Regardless, I have still changed and login information I use and have always enabled 2FA on sites I use on any PC, even before this case. I also searched for other potentially sensitive information on the PC and thankfully didn’t find too much. No login attempts or fishy logins were found, and nothing else generally seemed out of the norm. This almost makes me feel worse, as its difficult for me to pinpoint just how long my PC has had this issue.
In hindsight the malwarebytes log would probably have made this a lot easier of a diagnosis, but unfortunately that seems to be lost. Nonetheless I have not yet reformatted this PC, but have not logged into any important sites like my banking or email, reserving that for my other PC.
My main questions are: Should I reformat just to be safe? Can I be sure this PC will be safe post reformat? Should I even bother given every scan since has come clean? Part of me wants to simply trust Kaspersky’s judgement, but another part of me remains paranoid wondering if I am leaving myself vulnerable.