Need urgent help with virus right now

[Lando The Climber]

About a month ago I got a R.A.T (remote access trojan) No idea how it got there, it is FUD (Fully Undetectable) so my antivirus can't pick it up. I know a fair amount about RATs and how they operate so when I realized I had one I went to my temp folder, deleted svchhost.exe (the description was #U$(*UWDIUWHA!@$*%*$$( so I knew it wasnt legit, I went to the registry, went to HKEY_LOCAL_MACHINE, software,microsoft,windows,currentversion,policies,explorer,run and deleted its registry key. That kept it away for like, a week. I think there is prolly more keys that remake the old ones, but I can't find them. (I'm in safe mode with networking right now) A few minutes ago BOOM "uninstalling malabytes anti-malware" came up and I stuff my pants because it was the RAT attempting to uninstall it. SO I CAME TO YOU GUIS FOR HELP, SO PLEASE GIVE ANY SUGGESTIONS (please no delete system32 kthx)

[Ad Bot]

[dorkdotdan]

Take it to a nerd, Or Microsoft if you have $100.

[HerpaDerp]

backup your stuff and reformat.

[Lando The Climber]

Take it to a nerd, Or Microsoft if you have $100.

I don't want Microsoft to see all my research no, I don't got $100.

[Lando The Climber]

backup your stuff and reformat

All 162GB of it? I don't have a backup that big

[HerpaDerp]

All 162GB of it? I don't have a backup that big

External Hard drive?

Ive backed up over 200GB of stuff before, just got to be patient. Unless that RAT is active and tries to stuff with you backing it up. Also he probably has your BL Forum password too. :C

[Lando The Climber]

External Hard drive?

Ive backed up over 200GB of stuff before, just got to be patient. Unless that RAT is active and tries to stuff with you backing it up. Also he probably has your BL Forum password too. :C

HOLY monday, PROBABLY STOP USING ONE PASSWORD FOR EVERYTHING D: oh and, I think it is watching me in safemode, stuff keeps backspacing, random notepads popping up. O_O. Say hello to mr. script kiddie everyone!

[HerpaDerp]

HOLY monday, PROBABLY STOP USING ONE PASSWORD FOR EVERYTHING D: oh and, I think it is watching me in safemode, stuff keeps backspacing, random notepads popping up. O_O. Say hello to mr. script kiddie everyone!

Lul lemme say "forget you" to him.

Yeah, if his RAT has a keylogger with it, then yeah you're screwed.

[Kevdude]

Can't you restore it?

[james4115]

HOLY monday, PROBABLY STOP USING ONE PASSWORD FOR EVERYTHING D: oh and, I think it is watching me in safemode, stuff keeps backspacing, random notepads popping up. O_O. Say hello to mr. script kiddie everyone!

hi mr. script kiddie!


send my best regards

[LizzyRascal]

Take it to a nerd

YEAH BECAUSE IF YOU ARE GOOD WITH MACHINERY THEN YOU'RE A NERD.

[Ethan]

Lol'd at the "svchhost.exe". They try so hard sometimes lol

Best thing to do would be to delete it by hand, or if you know the registry key's name, google it for programs that could delete it.

[Lando The Climber]

Lul lemme say "forget you" to him.

Yeah, if his RAT has a keylogger with it, then yeah you're screwed.

Well, I have typed my password in many times when he was active and so far I haven't seen any changes in my accounts on stuff

OH GOD A MESSAGE BOX JUST CAME UP SAYING ";)"

[james4115]

you know what virus makers should do?

make something that uninstalls the virus when they're done with screwing up your computer

that'd be so polite

[Lando The Climber]

Can't you restore it?

Too far back, and plus he deleted all my system restore points