Hi,
I suspect that a RAT has been installed on my laptop however after running mcafee scan and windows defender scans im not able to find anything. I have also check my windows processes and have found nothing suspicious. Can anyone tell me if there is a way to absolutely confirm that i have removed it without me having to format my laptop ?
Thanks !
https://blog.malwarebytes.com/threats/remote-access-trojan-rat/
Mcafee can detect certain versions I feel but try the programs mentioned in the link.
I have asked a lab tech for comment
To remove RTA from your computer, perform the following steps:
1. Remove RTA manually from your Windows installed programs
2. Reset your browser infected with RTA
3. Scan and remove infection remnants using an adware removal program
4. Clean your Windows Registry
Varonica Basu wrote:
To remove RTA from your computer, perform the following steps:
1. Remove RTA manually from your Windows installed programs
2. Reset your browser infected with RTA
3. Scan and remove infection remnants using an adware removal program
4. Clean your Windows Registry
Hi Varonica,
While we appreciate you volunteering to help fellow posters, it seems like your reply is generic and missing subject. Please provide as much information as possible so that it is easy to follow.
successfully moved from Virus and Spyware Protection to Home User Assistance > Discussions
If you suspect that you had a RAT on your system then
1) What made you think so? What were the symptoms?
2) If McAfee and Windows Defender found nothing then what did you do that makes you think it, whatever it was, has been removed?
Microsoft have an article about removing Remote Access Trojans but it's an old one (2002)
There are other articles and removal guides but they're all rather vague and not very helpful. A lot depends on where the RAT may have come from (Steam or other gaming-related sites; Hackforums or one of the other wannabe-blackhat watering holes) - there are many RATs, some newish but many of the older ones are still around (and should be detectable). Since the demise of the late and unlamented Blackshades the very worst and most dangerous RATs are being produced for state-level actors. If you encounter one of those then you're in trouble, for a host of reasons.
A Trojan is just a program you wouldn't really allow to run if you knew what it was, so it tricks you into letting it through your defences. What matters is what it does after that. Some Trojans load up malware to monitor or control your system and then try to hide their traces. If you're worried you had one of those then all you can do is to run multiple scans from different vendors and see if any of them find something.
As you're using McAfee you might want to start with GetSusp, which will look for unidentified files and flag them for investigation. If you want to dig deeper you're looking at searching for rootkits, examining the MBR, checking network traffic for abnormal patterns and unknown destinations ... how paranoid do you want to become?
Yes may be Rat or specifiec malware must have been quarantined by mcafee antivirus program. Have u tried to restart your PC in safe mode? If you are getting vague virus removal guide promoting worthless anti malware, then look for some basic manual virus removal steps to remove RAT virus.
Hey Nice information about RAT and Trojan ..... really informative
Hello,
It is best to confirm about current malware activity with tools like GestSusp and Autoruns.
Unfortunately RAT never comes alone so it can leave some artefacts active.
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA