Very sneaky virus

I've lost over 150m from a logger/RAT/something the past few days and all of the routes I've tried haven't worked in removing it..

I've tried many different anti-virus programs like AVG, Malwarebytes and so on, individually and no progress has been made.

It must be embedded into my System32 because after a restore to factory settings I'm still getting my bank stolen no matter what I do. (I'm in the process of putting in a pin, but wont matter if I can't get rid of it)


So, computer wizards, advice?

 

I am not a computer wiz, but wouldn't it help if you moved the money to another acc.? Make sure to let someone trusted from another computer do the trade. That is if you have any money left. Just keep it safe until resolved.

 

99% of it was lost when I first got it. I just put like 500k here and there to make sure I still have the virus.

(Using my desktop.)

 

Not trying to insult you, but it sounds like you just need a new password on your RS account.

 

You honestly think I haven't been changing it? In fact, I've been changing it from other sources.

Some skinny Portuguese (According to the IP) kid is profiting off me and I just want it gone.

 

If you need someone to hold the gold, or to change your password from another computer, I'd do it.

On another note, I assume all your information is getting stolen as soon as you enter it? As in, you change your rs password and he gets on right away without recovering it?

 

Thanks but all of it's already gone lol.

But yep. There's definitely a keylogger in there, according to RS they're logging in from 89.180.130.157 (Portugal)

When I change it on my other computer, and check the last login it'll stay safe but as soon as I log in on my laptop, it will get robbed overnight.

 

Put on a PIN, unless they have a RAT, they cant access it.

 

Thanks for the advice.

But that wont remove the virus...

notsureifsrs

 

Honestly if AVG isn't picking it up I'd say this is no amateur. I've used AVG for years and never had anything it couldn't pick up AFAIK lol, and I torrent a lot of shit... My advice to you would be nuke the hard drive and reinstall Windows. I wouldn't take any chances with that kinda personal info.

 

Try this:

Ctrl + Alt + Delete > Task Manager > Processes Tab > End any processes that aren't famaliar.

 

As long as you log onto our account from the infected computer you're in danger, he can get your bank pin and password.

 

I can help via teamviewer, if you're sure you still have it?

Could be someone else just recovering your account ofcourse.

 

I don't even understand how I got it. The last thing I torrented was from 2006 lol. But, I'm glad it's not destroying my machine at least.

It had to have been a drive-by of some sort, but without requiring me to hit run.

edit; How would I 'nuke' my hard-drive? I've reset to factory settings which is what a lot of people refer to that as.

The password doesn't change, so that's not happening.

I'd rather not do it over teamviewer, MSN or something sure.

I've been doing that a couple times a day. Lots of Asus software but after a google searching everything that could be there, nothing. :\





*
Edit: Here's one of the IP's: http://tinypic.com/r/29o2ty8/5

 

It's impossible for me to help you without teamviewer, sorry,
but obviously I am offering this to actually help you.

I've worked at several helpdesks and have come across every kind of virus you can imagine.

 

If nothing works, back up all music,videos,pictures. What evers important(preferably not programs, because if it's a virus it's likely to hidden in one), and reformat and re-install windows.