How to prevent RATs?

Discussion in 'Computer Software and Operating Systems' started by DarkFlare69, Mar 5, 2016.

  1. DarkFlare69
    OP

    DarkFlare69 GBAtemp Psycho!

    Member
    4,744
    2,602
    Dec 8, 2014
    United States
    Ohio
    This is the 4th time I've had a RAT. 3 different PCs.

    Here's how it happened, someone sent me this info: http://prntscr.com/abe0v6

    In my AppData, I had this: http://prntscr.com/abe05b

    I can remove it. That's not a problem. The problem is how do I prevent future ones? My PC has been taking a long time to log on lately...

    If someone can help I'll pay you $10.
     
  2. Ammiirraahh.
    This message by Ammiirraahh. has been removed from public view by Veho, Mar 5, 2016, Reason: Pointless bullshit.
    Mar 5, 2016
  3. DarkFlare69
    This message by DarkFlare69 has been removed from public view by Veho, Mar 5, 2016.
    Mar 5, 2016
  4. TheGrayShow1467

    TheGrayShow1467 屈折

    Member
    935
    1,204
    Oct 12, 2014
    United States
  5. PokeAcer

    PokeAcer Banned

    Banned
    1,430
    1,061
    May 28, 2015
    United Kingdom
    Wales
    You don't. Pay for your immature behaviour and get a RAT.
     
  6. Ammiirraahh.
    This message by Ammiirraahh. has been removed from public view by Veho, Mar 5, 2016, Reason: Pointless bullshit.
    Mar 5, 2016
  7. DarkFlare69
    OP

    DarkFlare69 GBAtemp Psycho!

    Member
    4,744
    2,602
    Dec 8, 2014
    United States
    Ohio
    I'm not here for your input.

    I never downloaded shit. I'll read that.
     
  8. Ammiirraahh.
    This message by Ammiirraahh. has been removed from public view by Veho, Mar 5, 2016, Reason: Pointless bullshit.
    Mar 5, 2016
  9. TheGrayShow1467

    TheGrayShow1467 屈折

    Member
    935
    1,204
    Oct 12, 2014
    United States
    'Twas a joke. But anyway, the link is what I found. Whether or not it's helpful, that's for you to find out.
     
  10. DarkFlare69
    OP

    DarkFlare69 GBAtemp Psycho!

    Member
    4,744
    2,602
    Dec 8, 2014
    United States
    Ohio
    Will that actually prevent them?
     
  11. zoogie

    zoogie simple pimp tool

    Member
    6,518
    8,391
    Nov 30, 2014
    United States
    Did you encounter these RATs through the Deep Web?
     
    Last edited by zoogie, Mar 5, 2016
  12. TheGrayShow1467

    TheGrayShow1467 屈折

    Member
    935
    1,204
    Oct 12, 2014
    United States
    Alright mate, if you're here to anger people on the internet, can ya kindly piss off? Thanks.

    It should hopefully. I've never had a RAT.
     
  13. Ammiirraahh.
    This message by Ammiirraahh. has been removed from public view by Veho, Mar 5, 2016, Reason: Pointless bullshit.
    Mar 5, 2016
  14. Memoir

    Memoir A Hero to Zero

    Member
    GBAtemp Patron
    Memoir is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    5,078
    4,903
    Jun 24, 2007
    United States
    Wyoming
    I sincerely hate posts like these. Rats and the like don't just happen. You, or someone who may have used your computer, downloaded something that causes this. The whole "I did nothing" shtick is pure bullshit when it comes to these problems.

    I always run Windows Defender and MBAM, and have never had these issues. Maybe it'll help you. Also CCleaner to delete your cookies and what have you.
     
    PokeAcer likes this.
  15. DarkFlare69
    OP

    DarkFlare69 GBAtemp Psycho!

    Member
    4,744
    2,602
    Dec 8, 2014
    United States
    Ohio
    I legit didn't do shit. I have all his skype accounts blocked. And he said he sent it through my wifi or something.
     
    Memoir likes this.
  16. Ammiirraahh.

    Ammiirraahh. Newbie

    Newcomer
    1
    1
    Feb 5, 2016
    United States
    I am skeptical regarding that assertion.
     
    PokeAcer likes this.
  17. Memoir

    Memoir A Hero to Zero

    Member
    GBAtemp Patron
    Memoir is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    5,078
    4,903
    Jun 24, 2007
    United States
    Wyoming
    Call your ISP and request an IP change. Only after you do a clean wipe/install. I know it can be deleted, but better safe than sorry. Personally I'd just replace the hard drives.

    Wait, is it this kid in the thread?
     
  18. xihx

    xihx Advanced Member

    Newcomer
    61
    16
    Aug 16, 2015
    Australia
    Vienna
    That local file is a GTA5 config... & Zeto's lying about putting that in.
     
  19. DarkFlare69
    OP

    DarkFlare69 GBAtemp Psycho!

    Member
    4,744
    2,602
    Dec 8, 2014
    United States
    Ohio
    I realized that, lol. Are you sure hes lying?
     
  20. xihx

    xihx Advanced Member

    Newcomer
    61
    16
    Aug 16, 2015
    Australia
    Vienna
    Defiently.
     
  21. TheGrayShow1467
    This message by TheGrayShow1467 has been removed from public view by Veho, Mar 5, 2016.
    Mar 5, 2016
  22. DarkFlare69
    This message by DarkFlare69 has been removed from public view by Veho, Mar 5, 2016.
    Mar 5, 2016
  23. TheGrayShow1467
    This message by TheGrayShow1467 has been removed from public view by Veho, Mar 5, 2016.
    Mar 5, 2016
  24. DarkFlare69
    OP

    DarkFlare69 GBAtemp Psycho!

    Member
    4,744
    2,602
    Dec 8, 2014
    United States
    Ohio
    He can just go to my skype and resolve it again.

    — Posts automatically merged - Please don't double post! —

    Yes, this is him. probably is reading this as i type.
     
    Memoir likes this.
  25. MarcusD

    MarcusD ソノちゃん❤\xF0\x9F\x8D\xBC

    Member
    1,192
    2,475
    Oct 16, 2015
    Austria
    /Users/Sono/
    First of all, I don't recommend you to use the fully desktop version of Skype at this point. Using Firefox with Skype plugin is a gajillion times more safe.
    If you don't want to switch to web.skype.com, then run into Skype settings, and change some stuff:
    privacy-> privacy settings:
    - only allow calls from your partnerlist
    - disable automatic videocall acceptance
    - set only allow messages from partnerlist
    - disable all 3 checkboxes
    - optionally delete skype cookies
    call-> call settings:
    expand settings with "detailed settings" button
    - uncheck all checkboxes
    - set call acceptance to from partnerlist only
    text messages (the one below "call")-> message-exchange options:
    click on "detailed settings" button
    - set file save location to "always ask"
    - only allow messages from partnerlist
    special-> advanced settings:
    - disable that M$ tracking thingy checkbox
    special-> connection:
    - disable all checkboxes

    Save, and restart Skype.


    After that (sadly) you'll need to open (*gulp*) Internet Explorer at ESET's Online Scanner, or just download the installer exe, both does the same, and perform a scan with the following settings:
    - Enable detection of unwanted apps
    - Enable detection of potentially unsafe apps
    - Enable detection of suspicious apps
    - Scan archives
    - Enable Anti-Stealth
    - Disable auto-clean threats
    And do a scan.
    Note: I'm not advertising, I'm trying to help.

    While the scanning is going, acquire yourself a Process Explorer, a taskmanager on steroids. It's much more easier to spot the infected process in that, because it can categorize the processes, so you can spot any out-of-place process names.
    If you -for some reason- can't kill the process with it (like the system BSoDs, or access violation), then report that, because I have solutions for those too :evil:


    I hope I didn't miss some obvious stuff :wacko:
     
    Last edited by MarcusD, Mar 5, 2016 - Reason: I CAN'T TYPE ON PHONE WITHOUT A TYPO!
    DarkFlare69 and Tomato Hentai like this.
  26. DarkFlare69
    OP

    DarkFlare69 GBAtemp Psycho!

    Member
    4,744
    2,602
    Dec 8, 2014
    United States
    Ohio
    I appreciate the long message and help. Im going to try all that. Is web.skype still safer even after doing all that stuff to normal skype?

    And, he has a RAT in one of my PCs upstairs which I can't format. Is there a way to block local communication between the two? Mine is on 5G and the other is on 2.4G, if that matters.
     
  27. MarcusD

    MarcusD ソノちゃん❤\xF0\x9F\x8D\xBC

    Member
    1,192
    2,475
    Oct 16, 2015
    Austria
    /Users/Sono/
    Yes.

    I assume you're using Win8:
    - Click on the network icon on the taskbar
    - On the right sidebar richt-click your connection, enable/disable sharing, No, I don't turn it on (for public places)
     
  28. DarkFlare69
    OP

    DarkFlare69 GBAtemp Psycho!

    Member
    4,744
    2,602
    Dec 8, 2014
    United States
    Ohio
    Im using 7, but i might upgrade to 10