Yesterday, I made a mistake by installing a game mod file, and it's turned out to be a RAT (Remote Access Trojan). This malware accessed my Discord account and started spamming my entire friend list with name changes and sensitive images. I tried changing my password and disconnecting from the internet. When I found a strange program called UltraViewer, I deleted it along with the mod file. I ran scans using both Malwarebytes and Kaspersky, but they didn't find any threats. Now, Malwarebytes is alerting me about a suspicious IP address trying to connect, labeled svchost.exe. I'm really worried and am not sure if I should just go ahead and reinstall Windows. What should I do?
2 Answers
What mod did you download, by the way? If it's a Minecraft mod, you might not be the only one. It could help to check forums or communities for any reports of similar issues with that mod!
First off, uninstall any suspicious programs to make sure they're completely gone. It's also a good idea to back up important files, just in case. Regarding reinstallation, yeah, a clean wipe could be a solid option if you're still having issues. Make sure to check which files you back up to avoid transferring anything harmful. Better safe than sorry!
I think a clean install is the best way to ensure everything's gone. Consider using the cloud download option for Windows 11 to make it easier.