How to prevent RATs?

DarkFlare69

DarkFlare69

Well-Known Member
OP
Member
Level 15
Joined
Dec 8, 2014
Messages
5,147
Trophies
2
Location
Chicago
XP
4,751
Country
United States
This is the 4th time I've had a RAT. 3 different PCs.

Here's how it happened, someone sent me this info: http://prntscr.com/abe0v6

In my AppData, I had this: http://prntscr.com/abe05b

I can remove it. That's not a problem. The problem is how do I prevent future ones? My PC has been taking a long time to log on lately...

If someone can help I'll pay you $10.
 
DarkFlare69

DarkFlare69

Well-Known Member
OP
Member
Level 15
Joined
Dec 8, 2014
Messages
5,147
Trophies
2
Location
Chicago
XP
4,751
Country
United States
Kioku

Kioku

猫。子猫です!
Member
Level 25
Joined
Jun 24, 2007
Messages
12,018
Trophies
3
Location
In the Murderbox!
Website
www.twitch.tv
XP
16,180
Country
United States
DarkFlare69 said:
I'm not here for your input.


I never downloaded shit. I'll read that.

--------------------- MERGED ---------------------------


Then grow up and get a better past time.
Click to expand...
I sincerely hate posts like these. Rats and the like don't just happen. You, or someone who may have used your computer, downloaded something that causes this. The whole "I did nothing" shtick is pure bullshit when it comes to these problems.

I always run Windows Defender and MBAM, and have never had these issues. Maybe it'll help you. Also CCleaner to delete your cookies and what have you.
 
  • Like
Reactions: Deleted User
DarkFlare69

DarkFlare69

Well-Known Member
OP
Member
Level 15
Joined
Dec 8, 2014
Messages
5,147
Trophies
2
Location
Chicago
XP
4,751
Country
United States
Mchief298 said:
I sincerely hate posts like these. Rats and the like don't just happen. You, or someone who may have used your computer, downloaded something that causes this. The whole "I did nothing" shtick is pure bullshit when it comes to these problems.

I always run Windows Defender and MBAM, and have never had these issues. Maybe it'll help you. Also CCleaner to delete your cookies and what have you.
Click to expand...
I legit didn't do shit. I have all his skype accounts blocked. And he said he sent it through my wifi or something.
 
  • Like
Reactions: Kioku
Kioku

Kioku

猫。子猫です!
Member
Level 25
Joined
Jun 24, 2007
Messages
12,018
Trophies
3
Location
In the Murderbox!
Website
www.twitch.tv
XP
16,180
Country
United States
DarkFlare69 said:
I legit didn't do shit. I have all his skype accounts blocked. And he said he sent it through my wifi or something.
Click to expand...
Call your ISP and request an IP change. Only after you do a clean wipe/install. I know it can be deleted, but better safe than sorry. Personally I'd just replace the hard drives.

Wait, is it this kid in the thread?
 
DarkFlare69

DarkFlare69

Well-Known Member
OP
Member
Level 15
Joined
Dec 8, 2014
Messages
5,147
Trophies
2
Location
Chicago
XP
4,751
Country
United States
Mchief298 said:
Call your ISP and request an IP change. Only after you do a clean wipe/install. I know it can be deleted, but better safe than sorry. Personally I'd just replace the hard drives.

Wait, is it this kid in the thread?
Click to expand...
He can just go to my skype and resolve it again.

--------------------- MERGED ---------------------------

Mchief298 said:
Call your ISP and request an IP change. Only after you do a clean wipe/install. I know it can be deleted, but better safe than sorry. Personally I'd just replace the hard drives.

Wait, is it this kid in the thread?
Click to expand...
Yes, this is him. probably is reading this as i type.
 
  • Like
Reactions: Kioku
Sono

Sono

cripple piss
Developer
Level 20
Joined
Oct 16, 2015
Messages
2,829
Trophies
2
Location
home
XP
9,422
Country
Hungary
First of all, I don't recommend you to use the fully desktop version of Skype at this point. Using Firefox with Skype plugin is a gajillion times more safe.
If you don't want to switch to web.skype.com, then run into Skype settings, and change some stuff:
privacy-> privacy settings:
- only allow calls from your partnerlist
- disable automatic videocall acceptance
- set only allow messages from partnerlist
- disable all 3 checkboxes
- optionally delete skype cookies
call-> call settings:
expand settings with "detailed settings" button
- uncheck all checkboxes
- set call acceptance to from partnerlist only
text messages (the one below "call")-> message-exchange options:
click on "detailed settings" button
- set file save location to "always ask"
- only allow messages from partnerlist
special-> advanced settings:
- disable that M$ tracking thingy checkbox
special-> connection:
- disable all checkboxes

Save, and restart Skype.


After that (sadly) you'll need to open (*gulp*) Internet Explorer at ESET's Online Scanner, or just download the installer exe, both does the same, and perform a scan with the following settings:
- Enable detection of unwanted apps
- Enable detection of potentially unsafe apps
- Enable detection of suspicious apps
- Scan archives
- Enable Anti-Stealth
- Disable auto-clean threats
And do a scan.
Note: I'm not advertising, I'm trying to help.

While the scanning is going, acquire yourself a Process Explorer, a taskmanager on steroids. It's much more easier to spot the infected process in that, because it can categorize the processes, so you can spot any out-of-place process names.
If you -for some reason- can't kill the process with it (like the system BSoDs, or access violation), then report that, because I have solutions for those too :evil:


I hope I didn't miss some obvious stuff :wacko:
 
Last edited by Sono, , Reason: I CAN'T TYPE ON PHONE WITHOUT A TYPO!
  • Like
Reactions: DarkFlare69 and Deleted User
DarkFlare69

DarkFlare69

Well-Known Member
OP
Member
Level 15
Joined
Dec 8, 2014
Messages
5,147
Trophies
2
Location
Chicago
XP
4,751
Country
United States
MarcusD said:
First of all, I don't recommend you to use the fully desktop version of Skype at this point. Using Firefox with Skype plugin is a gajillion times more safe.
If you don't want to switch to web.skype.com, then run into Skype settings, and change some stuff:
privacy-> privacy settings:
- only allow calls from your partnerlist
- disable automatic videocall acceptance
- set only allow messages from partnerlist
- disable all 3 checkboxes
- optionally delete skype cookies
call-> call settings:
expand settings with "detailed settings" button
- uncheck all checkboxes
- set call acceptance to from partnerlist only
text messages (the one below "call")-> message-exchange options:
click on "detailed settings" button
- set file save location to "always ask"
- only allow messages from partnerlist
special-> advanced settings:
- disable that M$ tracking thingy checkbox
special-> connection:
- disable all checkboxes

Save, and restart Skype.


After that (sadly) you'll need to open (*gulp*) Internet Explorer at ESET's Online Scanner, or just download the installer exe, both does the same, and perform a scan with the following settings:
- Enable detection of unwanted apps
- Enable detection of potentially unsafe apps
- Enable detection of suspicious apps
- Scan archives
- Enable Anti-Stealth
- Disable auto-clean threats
And do a scan.
Note: I'm not advertising, I'm trying to help.

While the scanning is going, acquire yourself a Process Explorer, a taskmanager on steroids. It's much more easier to spot the infected process in that, because it can categorize the processes, so you can spot any out-of-place process names.
If you -for some reason- can't kill the process with it (like the system BSoDs, or access violation), then report that, because I have solutions for those too :evil:


I hope I didn't miss some obvious stuff :wacko:
Click to expand...
I appreciate the long message and help. Im going to try all that. Is web.skype still safer even after doing all that stuff to normal skype?

And, he has a RAT in one of my PCs upstairs which I can't format. Is there a way to block local communication between the two? Mine is on 5G and the other is on 2.4G, if that matters.
 
Sono

Sono

cripple piss
Developer
Level 20
Joined
Oct 16, 2015
Messages
2,829
Trophies
2
Location
home
XP
9,422
Country
Hungary
Yes.

I assume you're using Win8:
- Click on the network icon on the taskbar
- On the right sidebar richt-click your connection, enable/disable sharing, No, I don't turn it on (for public places)
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Eiyuden Chronicle Hundred Heroes SAVE FILE

What is something that You regret buying and it haunts you to this day?

Still no Windows 11 minimum requirements HELP

Can I use my laptop to convert wifi to WEP?

VirtualBox - "Failed to create Medium Storage"

Gaming  San Andreas co-op mode history?

I need help with my oculus quest 2

M$ will block PCs from running Windows 11 unless the CPU supports SSE4.2

General chit-chat
Help Users
  • SylverReZ @ SylverReZ:
    They probably said "Hey, why not we combine the two together and make a 'new' DS to sell".
  • Veho @ Veho:
    It's a DS Lite in a slightly bigger DS Lite shell.
     +1
  • Veho @ Veho:
    It's not a Nintendo / iQue official product, it's a 3rd party custom.
     +1
  • Veho @ Veho:
    Nothing special about it other than it's more comfortable than the Lite
    for people with beefy hands.
     +1
  • Jayro @ Jayro:
    I have yaoi anime hands, very lorge but slender.
  • Jayro @ Jayro:
    I'm Slenderman.
  • Veho @ Veho:
    I have hands.
  • Veho @ Veho:
    king-shark-hand.gif
    +1
  • BakerMan @ BakerMan:
    imagine not having hands, cringe
     +1
  • AncientBoi @ AncientBoi:
    ESPECIALLY for things I do to myself :sad:.. :tpi::rofl2: Or others :shy::blush::evil:
     +1
  • The Real Jdbye @ The Real Jdbye:
    @SylverReZ if you could find a v5 DS ML you would have the best of both worlds since the v5 units had the same backlight brightness levels as the DS Lite unlockable with flashme
  • The Real Jdbye @ The Real Jdbye:
    but that's a long shot
  • The Real Jdbye @ The Real Jdbye:
    i think only the red mario kart edition phat was v5
  • BigOnYa @ BigOnYa:
    A woman with no arms and no legs was sitting on a beach. A man comes along and the woman says, "I've never been hugged before." So the man feels bad and hugs her. She says "Well i've also never been kissed before." So he gives her a kiss on the cheek. She says "Well I've also never been fucked before." So the man picks her up, and throws her in the ocean and says "Now you're fucked."
     +2
  • AncientBoi @ AncientBoi:
    :O:ohnoes::lol::rofl::rofl2:
  • BakerMan @ BakerMan:
    lmao
  • BakerMan @ BakerMan:
    anyways, we need to re-normalize physical media

    if i didn't want my games to be permanent, then i'd rent them
     +1
  • BigOnYa @ BigOnYa:
    Agreed, that why I try to buy all my games on disc, Xbox anyways. Switch games (which I pirate tbh) don't matter much, I stay offline 24/7 anyways.
  • AncientBoi @ AncientBoi:
    I don't pirate them, I Use Them :mellow:. Like I do @BigOnYa 's couch :tpi::evil::rofl2:
     +1
  • cearp @ cearp:
    @BakerMan - you can still "own" digital media, arguably easier and better than physical since you can make copies and backups, as much as you like.

    The issue is DRM
  • cearp @ cearp:
    You can buy drm free games / music / ebooks, and if you keep backups of your data (like documents and family photos etc), then you shouldn't lose the game. but with a disk, your toddler could put it in the toaster and there goes your $60

    :rofl2:
  • cearp @ cearp:
    still, I agree physical media is nice to have. just pointing out the issue is drm
  • rqkaiju2 @ rqkaiju2:
    i like physical media because it actually feels like you own it. thats why i plan on burning music to cds
  • cearp @ cearp:
    It's nice to not have to have a lot of physical things though, saves space
     +1
  • AncientBoi @ AncientBoi:
    Nor clothes 🤮 . Saves on time, soap, water and money having to wash them. :D
    AncientBoi @ AncientBoi: Nor clothes 🤮 . Saves on time, soap, water and money having to wash them. :D