- Joined
- Apr 15, 2017
- Messages
- 540
- Thread Author
- #1
This is a tutorial for those that aren't too computer savvy that might just save you from being totally cleaned because you mistakenly downloaded the wrong thing.
What is a RAT?
RAT
RAT stands for Remote Administration Tool and were originally created for remote support of computers but has later on been abused by people to trick people to download them and gain access to their PC. A rat works the way that you infect a file with your RAT, and when someone downloads and run it in most cases it will start a connection between the infected PC and a server or the hackers computer. With that connection the hacker can do anything he wants to you. A few common things to do is steal players passwords, take control of their mouse and keyboard, write custom error messages and make them look like windows errors and turn on peoples webcam.
You get on a RAT by downloading their infected file, therefore you should never download or click any links that you don't know what is. I'm mentioning links because of the so called "Drive by" viruses. Every time you visit a website there will be some material, example a picture that you need to download and load before entering the site. Some people has succeeded in putting their RAT's inside these source codes.
So basically it creates a connection between yours and the hackers computer and from there he has the same control of your computer as you have which makes it extremely dangerous to your computer. Another good tip is to never leave your computer unlocked as you never know whats on your computer.
What is a Keylogger?
Keyloggers
A keylogger works like a RAT although it doesn't have the same features. All it does it listen on your PC for entered usernames and passwords. When you type in a username or password the keylogger logs it and usually sends it to the hackers PC or a FTP server or email address. You get it the same way as a RAT and just like the RAT it creates a connection. Not much more to say about them.
How do i protect myself?
Well my best guess would be to stay updated. Never run without a fully updated OS. Update your drivers, java version, flash version and what ever you might have. Get a good security program, having a free antivirus program wont fully protect you. You need a firewall and spyware detecting as well. If you dont know what to buy i will personally advice you to buy BullGuard Internet Security. It costs about $100 and there is a 60 days free trial. They recently won the award for the best internet security program on the market with a detection rate of 100%.
HELPFUL PROGRAMS LIST~
Free Cyber Security & Anti-Malware Software
CCleaner - Free Download or try CCleaner Professional - Piriform
I suggest using a file scanner for whatever you decide to download. Using more than one scanner is recommend as some are hidden well and one scanner website might not detect anything. You can also use malwarebytes to scan files.
file scanner - Google Search
I HAVE A RAT WHAT DO I DO?!
1) Firstly an extremely easy way to tell if you've been ratted is to go to your folder options, and uncheck hide protected operating system files and show hidden files and folders. Then go to your C drive and if there is any folder called WinUpdate, that is a rat. In addition to that, go to your appdata root, roaming and all other folders in your appdata. If you find any files or folder that look like they belong to your system like windows defender or anything like that, those are all rats.
2) Secondly, you may open your process list by holding control alt delete, and open your task manager. Check the box or click show processes from all users. Look for any double processes, most commonly winlogon, windefender, and winupdate are doubles, if so look for the one that is not controlled by the system, but instead look for the one that has your username under user. Also, if the process has a randomized description and you don't recognize the process, it is most likely a rat. To find the location, right click it and press open file location.
3) How to Remove. Before you start ending processes, deleting files, please read this to prevent damage to your computer. If you end the process or delete the file, it may not let you, or you'll get a blue screen and your system will crash. To fix this, hold your power button until your computer shuts off. Start up again and boot into safe mode. From here go to the file location you discovered from the process list or wherever you found it. From there, you can safely delete it. After or before this, install and run malwarebytes on your system to ensure it is completely gone. Another thing you can do if it is not a sophisticated rat, you can simply create a new user and delete the other.
Please note, this is not a 100% sure fire way to get rid of a rat, but it will usually work. The rat may have spread even further though, in which case, you should do a system restore or have a professional or friend help you completely delete it.
credits to a few sources used
What is a RAT?
RAT
RAT stands for Remote Administration Tool and were originally created for remote support of computers but has later on been abused by people to trick people to download them and gain access to their PC. A rat works the way that you infect a file with your RAT, and when someone downloads and run it in most cases it will start a connection between the infected PC and a server or the hackers computer. With that connection the hacker can do anything he wants to you. A few common things to do is steal players passwords, take control of their mouse and keyboard, write custom error messages and make them look like windows errors and turn on peoples webcam.
You get on a RAT by downloading their infected file, therefore you should never download or click any links that you don't know what is. I'm mentioning links because of the so called "Drive by" viruses. Every time you visit a website there will be some material, example a picture that you need to download and load before entering the site. Some people has succeeded in putting their RAT's inside these source codes.
So basically it creates a connection between yours and the hackers computer and from there he has the same control of your computer as you have which makes it extremely dangerous to your computer. Another good tip is to never leave your computer unlocked as you never know whats on your computer.
What is a Keylogger?
Keyloggers
A keylogger works like a RAT although it doesn't have the same features. All it does it listen on your PC for entered usernames and passwords. When you type in a username or password the keylogger logs it and usually sends it to the hackers PC or a FTP server or email address. You get it the same way as a RAT and just like the RAT it creates a connection. Not much more to say about them.
How do i protect myself?
Well my best guess would be to stay updated. Never run without a fully updated OS. Update your drivers, java version, flash version and what ever you might have. Get a good security program, having a free antivirus program wont fully protect you. You need a firewall and spyware detecting as well. If you dont know what to buy i will personally advice you to buy BullGuard Internet Security. It costs about $100 and there is a 60 days free trial. They recently won the award for the best internet security program on the market with a detection rate of 100%.
HELPFUL PROGRAMS LIST~
Free Cyber Security & Anti-Malware Software
CCleaner - Free Download or try CCleaner Professional - Piriform
I suggest using a file scanner for whatever you decide to download. Using more than one scanner is recommend as some are hidden well and one scanner website might not detect anything. You can also use malwarebytes to scan files.
file scanner - Google Search
I HAVE A RAT WHAT DO I DO?!
1) Firstly an extremely easy way to tell if you've been ratted is to go to your folder options, and uncheck hide protected operating system files and show hidden files and folders. Then go to your C drive and if there is any folder called WinUpdate, that is a rat. In addition to that, go to your appdata root, roaming and all other folders in your appdata. If you find any files or folder that look like they belong to your system like windows defender or anything like that, those are all rats.
2) Secondly, you may open your process list by holding control alt delete, and open your task manager. Check the box or click show processes from all users. Look for any double processes, most commonly winlogon, windefender, and winupdate are doubles, if so look for the one that is not controlled by the system, but instead look for the one that has your username under user. Also, if the process has a randomized description and you don't recognize the process, it is most likely a rat. To find the location, right click it and press open file location.
3) How to Remove. Before you start ending processes, deleting files, please read this to prevent damage to your computer. If you end the process or delete the file, it may not let you, or you'll get a blue screen and your system will crash. To fix this, hold your power button until your computer shuts off. Start up again and boot into safe mode. From here go to the file location you discovered from the process list or wherever you found it. From there, you can safely delete it. After or before this, install and run malwarebytes on your system to ensure it is completely gone. Another thing you can do if it is not a sophisticated rat, you can simply create a new user and delete the other.
Please note, this is not a 100% sure fire way to get rid of a rat, but it will usually work. The rat may have spread even further though, in which case, you should do a system restore or have a professional or friend help you completely delete it.
credits to a few sources used
Last edited:
