My brother's friends managed to download some kind of Remote Access Trojan (RAT) on our Windows computer, supposedly named 'Annabelle' or something close to that. My dad has already tried a bunch of steps: restarting, using Malwarebytes, isolating the files, and disconnecting from the internet. However, we're still unable to access Task Manager, Settings, or even any video games on Steam. Is there any way to salvage this without doing a factory reset, or am I really stuck with having to do that? I'm not very tech-savvy, so any advice would be appreciated to help my family out.
4 Answers
Another quick option could be to delete the partition and recreate it before reinstalling Windows. It might be faster than going through all these manual removal steps.
If a RAT has taken hold of your system, the best option is usually to do a complete reinstall while wiping the drive. Once a RAT has that level of access, there's really no 100% safe way to remove it without starting fresh.
Have you tried booting your computer in safe mode? That can sometimes give you access to remove malware that’s blocking you from doing anything in normal mode.
Is there a way to back up my files now or is that a lost cause? Sorry if that sounds like a silly question!
You could try digging into the registry with REGEDIT, focusing on the Policies sections, but it’s a tricky method. Given the situation, a reset might actually be your best bet if you can't get it cleaned up.
That sounds complicated! If we do a drive wipe, will that definitely get rid of it?
Yes, we tried that but unfortunately, we still can't get it open.