Hey everybody, I've recently seen a lot of RATs being posted on the forums, so I'm going to post a thread on how to prevent them from being executed and how to remove one.
Well, RAT has many names, the most common being Remote Administrative Tool/Trojan. A RAT basically allows some ****** that is using DarkComet to control your PC without you even knowing. Some features of RATs include being able to turn your webcam on, see all your saved passwords, control your mouse and keyboard, and open random pages; they even have the ability to delete your system32 files. The list goes on. I know it sounds scary, that's why I want people to try to be safe. I ratted a while back and now that I'm looking at it, it was a dick move.
How to Prevent getting RATted
Okay, there are many things you can do to NOT get ratted. Simply don't download anything at all and don't click random links; there, done, you won't get ratted if you do that. But this is a modding community, we have to download stuff, so let's check a program to see if it's a RAT or not. For this part you will need Sandboxie. I know, ironic how I told you just to not download things, but this helps, trust me. Once you install Sandboxie, you have the option to open anything sandboxed, which basically means that when that program is open, it can only stay in the sandbox; it can't spread to your computer. If it is a RAT though, it will still run, so they will have access to things that don't involve files, like being able to turn your webcam on. I usually put a piece of paper taped to the webcam so that even if they turn it on, they can't see me.
Run the RAT in a virtual machine. I don't have much knowledge on this topic, but from hearing people talk about it, I believe that all you need is to download a virtual machine and install an OS on it. Then you can run all your programs on this machine, so that even if one slips through, it's still on a machine that only has an OS on it.
How to Remove Rats
Okay, I know that RATs can be harsh; they can disable Task Manager, making them a pain to remove. But there is one thing that no RAT can survive on your PC: a System Restore. No RAT can make it through this, unless you restore to a point when the RAT was already on your PC. So if you don't have that much important data on your PC, go ahead and do a system restore so that all data is wiped, along with the RAT.
Okay, I recently came across a program that is in my opinion way better than Task Manager; it's called Process Hacker. This allows you to see what your programs are doing, where they came from, etc. One reason I really like this program is that when you can't end a task in Task Manager, it just says something along the lines of "Process cannot be stopped". But if you try to end it in Process Hacker, it tells you the actual reason why it can't be stopped.
Two more things and then we are done. Okay, RATs need an internet connection, so if you aren't connected to the internet, they can't do anything about it. Try to avoid connecting to the internet as much as possible. Now that we are not connected to the internet, hit the Windows key and R at the same time (or just open up Run), type 'regedit' (no quotes), say yes to the admin stuff, then navigate to HKEY_CURRENT_USER>Software>Microsoft>Windows>CurrentVersion>Run. This will show you the processes and their file locations. If there is something suspicious, check it out by googling the process's name and going to that file location. When you go there and there isn't a folder but RegEdit says there is, you have to turn on Hidden Folders.
Last thing
Okay, now open up Run again and type 'msconfig' (no quotes), then click the Startup tab and open Task Manager through that; this will tell you all the apps that run on startup. If you don't know what something is, I suggest googling it; then if there isn't much on the topic, disable it. Now go to the Services tab and make sure "Hide all Microsoft services" is checked; then it will tell you all the services running that aren't Microsoft. Again, if you don't know what something is, I suggest googling it; then if there isn't much on the topic, disable it.
Thanks for reading my tutorial
Check these often, for the love of god, please.
Useful Programs
IOBit Unlocker (can unlock files/folders, making them easy to delete)
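
The Run-key check described in the tutorial can be scripted so it is easy to repeat often. The PowerShell below is an added example, not part of the original post; it lists each startup entry, whether its file exists, whether it is hidden, and its Authenticode signature status. Including the HKLM Run key and the `Get-CommandTarget` helper name are assumptions beyond what the post describes.

```powershell
# Added example: audit the Run keys for startup entries worth a closer look.
# HKLM Run is an assumption beyond the post, which only names the HKCU key.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
)

# Hypothetical helper: pull the executable path out of a Run-key command line.
function Get-CommandTarget {
    param([string]$Command)
    $expanded = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    # Quoted path: take what is between the first pair of quotes.
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    # Unquoted path: take everything up to the first known extension.
    if ($expanded -match '^(.+?\.(exe|dll|bat|cmd|vbs|js|ps1|scr))(\s|$)') { return $Matches[1] }
    return ($expanded -split '\s+')[0]
}

$report = foreach ($key in $runKeys) {
    $item = Get-Item -Path $key -ErrorAction SilentlyContinue
    if (-not $item) { continue }
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        if (-not $command) { continue }
        $target = Get-CommandTarget $command
        # Bare names such as "rundll32.exe" are resolved through PATH.
        if (-not [IO.Path]::IsPathRooted($target)) {
            $cmd = Get-Command $target -CommandType Application -ErrorAction SilentlyContinue |
                Select-Object -First 1
            if ($cmd) { $target = $cmd.Path }
        }
        # -Force lets Get-Item see files that carry the Hidden attribute.
        $file = Get-Item -LiteralPath $target -Force -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Key       = $key
            Name      = $name
            Target    = $target
            Exists    = [bool]$file
            Hidden    = if ($file) { [bool]($file.Attributes -band [IO.FileAttributes]::Hidden) } else { $null }
            Signature = if ($file) { (Get-AuthenticodeSignature -LiteralPath $file.FullName).Status } else { $null }
        }
    }
}

# Missing files and unsigned or hidden targets sort to the top for review.
$report | Sort-Object Exists, Signature | Format-Table -AutoSize -Wrap
```

Entries whose target is missing, hidden, or not validly signed are the ones to look up first; plenty of legitimate software is unsigned, so treat the output as a list of things to check rather than a verdict.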