1. Forums /
  2. Tech Boards /
  3. Computer Programming /
  4. Computer Programming Inquires /
  5. How can i get rid of a RAT? -.-
Post: How can i get rid of a RAT? -.-
10-09-2011, 06:37 PM #1
Scouser94's Avatar
Scouser94
(adsbygoogle = window.adsbygoogle || []).push({}); Well unfortunately i have installed a RAT onto my pc:/ I have downloaded malware bytes and thats removed all the stuff it thought was malicous uhmm i also have ESET and that didnt detect shitAngry But im 100% sure ive installed one because i have spoke to the douche bag in my search bar (win7) :p can anyone suggest anything else * a last resort would be a format - but then id be nervous of installing programs i had:()

Thanks for any advice in advance

Scouser
10-09-2011, 06:47 PM #2
Durk's Avatar
Durk
spending vbux, offer me..
run msconfig and stop anything suspicious running on startup (do it while not connected to the internet)
10-09-2011, 09:58 PM #3
Chrom3D's Avatar
Chrom3D
Big Sister
Originally posted by Scouser94 View Post
Well unfortunately i have installed a RAT onto my pc:/ I have downloaded malware bytes and thats removed all the stuff it thought was malicous uhmm i also have ESET and that didnt detect shitAngry But im 100% sure ive installed one because i have spoke to the douche bag in my search bar (win7) :p can anyone suggest anything else * a last resort would be a format - but then id be nervous of installing programs i had:()

Thanks for any advice in advance

Scouser


Method 1

CTRL + ALT + DEL

In the process list look for a file similar to the name of the program you installed while getting infected by the RAT. You'll also need to disable your internet connection while doing this. Since he can literally control everything on your computer, including webcam, open up whatever he wants, download stuff ++.

If he have blocked you from accessing task manager, try starting up in safe mode.

Method 2

If even this won't work do this:

Download this You must login or register to view this content.

Do a system scam + save the log file.

Now look for the RAT. It's most likely to be stored in either HKCU or HKLM. An example of what it could look like is HkUM\..\Run: [HKCU] c:\windows\system32\instal\explorer.exe

Now once you found it, check the box next to it, and click fix checked. Click yes to permantly remove it from your system.

Then restart You pc ----
Now open were u note the registry
it will be like (example :- " HkUM\..\Run: [HKCU] c:\windows\system32\instal\svchost.exe" )
it is the location where the server(keylogger/Rat) is stored go to that place (go to folder option --- View -- mark " show hidden files .folders and drives " and remove mark from " Hide protected operating system in file (recommended) "
and click apply and press ok )

Then u can see that folder " instal " as it was in loaction of hijackthis delete that file
( clean your temp file and run disk cleanup )
note :- ( Install personal firewall it will block when this kind keylogger and Rat try to connect to internet so u can be safe )
i recommend install " avira_premium_security_suite " it work for nw

Thanks to h4ck3r for some additional information Winky Winky

Copyright © 2024, NextGenUpdate.
All Rights Reserved.

Gray NextGenUpdate Logo