[TUT]Remove Rat Servers/Trojans/Connections - Printable Version +- Support Forums (https://www.supportforums.net) +-- Forum: Categories (https://www.supportforums.net/forumdisplay.php?fid=87) +--- Forum: Virus Protection, Removals, and HJT Team (https://www.supportforums.net/forumdisplay.php?fid=56) +---- Forum: Computer Security, Firewalls, and Antivirus (https://www.supportforums.net/forumdisplay.php?fid=10) +---- Thread: [TUT]Remove Rat Servers/Trojans/Connections (/showthread.php?tid=18615) |
[TUT]Remove Rat Servers/Trojans/Connections - M_a_X - 05-08-2011 Definition of a rat: Remote admin tool usually just to fudge with people or to steal Personall info like key logs and other info. They are very noobish actually because anyone can remove them without anti virus software. Also this may not even be a rat you could be part of a Hostboter army. THis means your connection will get laggy every time that 9 year old wants to haxxor that kid of xbox. Now how to remove them ------------------------------------------------------------------------ Open Cmd By going to STart > RUn type Cmd (or just search for cmd in Search bar) Run as admin Then Type this in {Netstat -b -n -o} Then look for all COnnection and weird program names Like Windows Defender having a connection = no no Taskmgr connection = no no Cmd connection = no no Well just about anything but skype ICq aim etc is probably a rat server Now to remove them go to run this time and type Msconfig Go to startup Scroll down till you see the weird crap then Uncheck and hit apply Then exit restart and no more rat servers unlesss they have persistance Then you Task kill them before hand RE: [TUT]Remove Rat Servers/Trojans/Connections - bling111 - 05-08-2011 There are a few flaws in this tutorial. With only the name you cannot judge if something is a RAT. A RAT can be called Iexplorer.exe. Also if you delete it from startup the actual file is still there so you are still infected. The tutorial itself is well written only the method contains a few flaws. Thanks for the effort! RE: [TUT]Remove Rat Servers/Trojans/Connections - Resistance - 05-08-2011 No offense OP but this is a terrible way to remove any kind of RAT. All your doing here is removing a start up item and disabling your internet connection. I highly advise nobody follow this tutorial for the safety of your computer. Sorry OP. You must use an Anti-Virus of some sort, or COMODO Firewall to track down properly the connection being made outbound or inbound. Use MalwareBytes to remove the RAT completely. RE: [TUT]Remove Rat Servers/Trojans/Connections - Carbon Nox - 05-08-2011 Since DarkComet provides MSConfig disable and other annoying features. If you are infected you would be unable to preform these tasks. The best way to remove a infection is prevention; for example moving to a new OS like Ubuntu. Or not visiting untrusted site and running downloads from strangers. If you do find yourself infected, disconnect from the internet boot into safe mode and run some scans. Then on a clean PC report to the HJT + Change your passwords. With a virtual keyboard if possible. Also remember to set recovery questions. RE: [TUT]Remove Rat Servers/Trojans/Connections - Resistance - 05-08-2011 (05-08-2011, 02:51 PM)Carbon Nox Wrote: Since DarkComet provides MSConfig disable and other annoying features. If you are infected you would be unable to preform these tasks. The best way to remove a infection is prevention; for example moving to a new OS like Ubuntu. Or not visiting untrusted site and running downloads from strangers. If you do find yourself infected, disconnect from the internet boot into safe mode and run some scans. Then on a clean PC report to the HJT + Change your passwords. With a virtual keyboard if possible. Also remember to set recovery questions. Well really thats why we have got safe mode, and yes, RATs can get detected by AVs and Anti-Spyware progs as well. This is one of these worst tutorials on how to fully remove a RAT RE: [TUT]Remove Rat Servers/Trojans/Connections - Carbon Nox - 05-08-2011 (05-08-2011, 03:01 PM)The High Roller Wrote: Well really thats why we have got safe mode, and yes, RATs can get detected by AVs and Anti-Spyware progs as well. This is one of these worst tutorials on how to fully remove a RAT Hmm, thats one of my points. You shouldn't need safe mode. Just like you shouldn't need all the things you do, but we have them for security. Why do we need to security? To protect ourselves. From what though? Who else? Us. Just like with anything else we will destroy ourselves however humans don't have safe-boot. Anyway most AVs are corporate bullshit. Norton for example makes your PC worse... RE: [TUT]Remove Rat Servers/Trojans/Connections - INC3PT!0N™ - 06-14-2011 yea you cant always detect a RAT, you can just change the description, name, licence etc. But on the whole its a decent tut, thanks RE: [TUT]Remove Rat Servers/Trojans/Connections - epic - 06-14-2011 Nice tutorial, this will come in handy. RE: [TUT]Remove Rat Servers/Trojans/Connections - +Moon - 06-18-2011 Good job dude. Don't listen to these ones. |