Team OS : Your Only Destination To Custom OS !!


(solved) Infected with RAT Malware

Status
Not open for further replies.

MichalPlays

✅ Verified Member
My Windows 11 KVM is or was infected with RAT malware after I became a victim of Google poisoning. Basically I searched for VLC Player, got a link that looked legit at first glance and I ran the software. Hours after this I was experiencing lags in CoD WZ 2.0 and when I left the laptop sitting on my desk while I was repairing an iPhone, the mouse cursor started moving and the hacker began searching for "recovery", "wallet", "bitcoin" and "keyphrase" across my 3 cloud storage providers.
Luckily I'm not that stupid and saved that information offline, on my old S3 mini with broken baseband, BT and WiFi XD

Now the question is, should I reinstall Windows or should I just trust the AV results? I installed Malwarebytes Premium from this forum and I ran my purchased Kaspersky Premium AV and both were only able to find the VLC player and a Monero miner in my C:\Windows\Systemapps\explorer_refresh_service.exe
Unfortunately I can't recover the backups because it looks like the hacker deleted both the online and local NAS backups.

Chuck

🤓 Super Admin
The only way to be sure that you are safe is to format all affected drives and then do a clean Windows installation.

Next time use a decent anti-virus app.
Do some research before you choose one.
For proper tests of AV apps, this is my go-to site. Look for consumer products and real world tests.
https://www.av-comparatives.org

This site is also worth looking at.
https://www.av-test.org/en/antivirus/home-windows/

TL;DR If you can't be bothered to do your own research and you want a free app then get Avast or AVG. Or you could stay with Defender.

MichalPlays

✅ Verified Member
The only way to be sure that you are safe is to format all affected drives and then do a clean Windows installation.

Next time use a decent anti-virus app.
Do some research before you choose one.
For proper tests of AV apps, this is my go-to site. Look for consumer products and real world tests.
https://www.av-comparatives.org

This site is also worth looking at.
https://www.av-test.org/en/antivirus/home-windows/

TL;DR If you can't be bothered to do your own research and you want a free app then get Avast or AVG. Or you could stay with Defender.
That was my Nr. 1 mistake. I used the included AV. I don't know what I was thinking but I learned my lesson. The thing was that the KVM was intended to be used for gaming and I only used Ledger Live and the software crypto wallet there because they run better on Windows.
Luckily my TeamOS, open source PW manager, Brave sync and FTP server accounts were not used on this machine. They were actually running on the host OS (Arch Linux, btw) and the host was completely isolated in a manner where the KVM had the LAN card redirected to it and Arch was only able to see and use the WiFi 6E card.
Well, I'll have to copy the game save files, Switch emulator data and a couple of .jpeg files to my crappy SK hynix SSD that I actually wanted to use on my Windows XP retro gaming PC XD