[MrCoo]

Hello All,
I really need help.
I got a trojan, it is a RAT(Remote Access Trojan), and the program used to do it is xHacker, and more. There is more other than that one. Do I have to do a complete OS Reinstall? If I do can I backup my stuff? I have a lot of irreplaceable stuff. One friend of mine who is really computer savvy told me I have to do a complete reinstall and can't back up anything because everything on both of my harddives! What do I do?

-Thanks alot!!

[Judas]

have you tried super anti-spyware to see if it could clean it up?

SUPERAntiSpyware.com - Downloading File

it's free and does an excellent job... it maybe one of your best chances.....

hopefully you can get it cleaned up enough to backup your stuff...

[Tipstaff]

How do you know you have a remote access trojan? Did an anti virus software, or anti spyware program warn you of this?

There are a couple programs to try.

First is the program Judas mentioned. Probably one of the best programs of it's kind.

Second program is called SDFix, which you can read up on HERE, and download HERE. This is a collection of rootkit/trojan removal tools that have been setup to run consecutively for specific rootkits/trojans, as well as to reset specific settings within Windows. All you need to do is download the program, extract it, run it, and one of the options will be to download the latest version. Do so, extract that new download, and reboot Windows into Safe Mode using the same user account you use under normal Windows. Once in Safe Mode run the file called RunThis.bat. Let it do it's thing, when it wants to reboot, do so, and once Windows loads it will finish up the cleaning process. Then, reboot back into Safe Mode, and run it again. Once you've done this twice you will want to scan your system for anything left over.

NOTE: you will need to redo some settings, such as Windows Firewall, and a few other network related things, such as any tweaks you might have done for performance after you run SDFix as it will reset a whole lotta things back to their default settings.

[MrCoo]

Well, when i downloaded a zip file. it had the xhacker.exe file in it and i mistakeable clicked it. later that night when i was talking to my friend using google talk everytime i was typing it would pause and take long times to send the message - it never did that before. Nothing has warned me of it. I didn't know what half the icons in there were - like pro rat(lol i know). and i just clicked them - dumb. but i've learned my lesson. but my comp runs very slow.

[MrCoo]

also - can i save my documents? If you have a RAT, can u still save them?I have alot of stuff of every file type basically.

[MrCoo]

So if you have a RAT, do you have to wipe all your documents? Or can you back them up after you got the Trojan and not get the same one when you put it on your clean OS? This is my main concern.

[Judas]

it really REALLY depends on several things....

typically some viruses WON'T infect specific documents, but some do, and if you try and back it up, there is a HIGH chance that you'll just reinfect yourself when you attempt to load the backups..

usually best method is to try and clean the machine up best you can, then do a backup, and then wipe everything...

then reinstall, along with a number of anti-virus/spyware programs running while you pop in the backups, thoroughly scan the backups.. and hope that nothing is found....