(adsbygoogle = window.adsbygoogle || []).push({}); I was stupid while trying to get a free crypter for my server and someone got their RAT on my $2.5k laptop I know its there because after being suspicous I ran a full scan on my computer and I left it alone for a sec and noticed my webcam light was on that my mouse was moving and someone was trying to cancel the scan so I panniced and just turned off my uactkaptop, I then started my laptop again in safe mode. And the get to my actual question:

-if I restored my laptop to over three days ago ( I know the RAT was downloaded within the past hour ) should it be removed from computer? Even if the RAT is located in /system32/ ? :/ Sorry i just don't want my laptop to get Fu@K3D up:/

Enable the ability to see hidden files then look for the server in your appdata.

I dont think a RAT trap will work in this case. :|

System Restore will do the job, but if he managed to go find the WindowsRestore folder and delete them, yeah just tell me cause i much more solutions. Go to Uninstall a program from Control panel and click the date tab with an arrow point downward so i will sort the download programs from past to recent, then go delete the last program or the program you think you installed.
If these dont work then disconnect your laptop from the internet then scan the PC again.
If all my steps did not work then create a window installation disc for your OS.

Hey Im hacking with rats since years..
If the guys used a good crypter for his server its on you System 32 folder and even works in Safe Mode (when network is enabled).

I can help you out (without programms and shit and without formatting) just add my skype: runescapelover666 and we will delete the virus in 10 seconds

Do what I do, the easy way. Pop in a windows install disk and install over everything. Don't forget to format the drive.

That's like the last thing you would want to do, as you would loose all the data on your hard drive. If you had to do this, if you had any data on the computer, I'd get it backed up.

Most of the time I already do have backups but if you don't, ehh i dont know what to say. Try to make backups and then run an antivirus on the hard drive with another already secured computer. Re-Download all of the drivers for the infected computer then re-install windows.

Disconnect From Web > Run Virus Scan > View Hidden Folders > Scout AppData + Temp File Locations > Delete any suspicious files that were created or modified within the last day of the virus > Restart PC > Restore Internet Connection.

If it persists, might just need to boot offline and get your images and audio files off. .exe files, dlls, etc you will not want to move over as the can be infected.

Good luck.