cancel
Showing results for 
Search instead for 
Did you mean: 
ongpm
Level 7
Report Inappropriate Content
Message 1 of 10

How to remove a RAT

Hi,

I suspect that a RAT has been installed on my laptop however after running mcafee scan and windows defender scans im not able to find anything. I have also check my windows processes and have found nothing suspicious. Can anyone tell me if there is a way to absolutely confirm that i have removed it without me having to format my laptop ?

Thanks !

9 Replies
Reliable Contributor Peacekeeper
Reliable Contributor
Report Inappropriate Content
Message 2 of 10

Re: How to remove a RAT

https://blog.malwarebytes.com/threats/remote-access-trojan-rat/

Mcafee can detect certain versions I feel but try the programs mentioned in the link.

Reliable Contributor Peacekeeper
Reliable Contributor
Report Inappropriate Content
Message 3 of 10

Re: How to remove a RAT

I have asked a lab tech for comment

Re: How to remove a RAT

To remove RTA from your computer, perform the following steps:

1. Remove RTA manually from your Windows installed programs

2. Reset your browser infected with RTA

3. Scan and remove infection remnants using an adware removal program

4. Clean your Windows Registry

Reliable Contributor selvan
Reliable Contributor
Report Inappropriate Content
Message 5 of 10

Re: How to remove a RAT

Varonica Basu wrote:

To remove RTA from your computer, perform the following steps:

1. Remove RTA manually from your Windows installed programs

2. Reset your browser infected with RTA

3. Scan and remove infection remnants using an adware removal program

4. Clean your Windows Registry

Hi Varonica,

While we appreciate you volunteering to help fellow posters, it seems like your reply is generic and missing subject. Please provide as much information as possible so that it is easy to follow.

Reliable Contributor catdaddy
Reliable Contributor
Report Inappropriate Content
Message 6 of 10

Re: How to remove a RAT

successfully moved from Virus and Spyware Protection to Home User Assistance > Discussions

Cliff
McAfee Volunteer
Reliable Contributor Hayton
Reliable Contributor
Report Inappropriate Content
Message 7 of 10

Re: How to remove a RAT

If you suspect that you had a RAT on your system then

1) What made you think so?  What were the symptoms?

2) If McAfee and Windows Defender found nothing then what did you do that makes you think it, whatever it was, has been removed?

Microsoft have an article about removing Remote Access Trojans but it's an old one (2002)

Danger: Remote Access Trojans

There are other articles and removal guides but they're all rather vague and not very helpful. A lot depends on where the RAT may have come from (Steam or other gaming-related sites; Hackforums or one of the other wannabe-blackhat watering holes) - there are many RATs, some newish but many of the older ones are still around (and should be detectable). Since the demise of the late and unlamented Blackshades the very worst and most dangerous RATs are being produced for state-level actors. If you encounter one of those then you're in trouble, for a host of reasons.

A Trojan is just a program you wouldn't really allow to run if you knew what it was, so it tricks you into letting it through your defences. What matters is what it does after that. Some Trojans load up malware to monitor or control your system and then try to hide their traces. If you're worried you had one of those then all you can do is to run multiple scans from different vendors and see if any of them find something.

As you're using McAfee you might want to start with GetSusp, which will look for unidentified files and flag them for investigation. If you want to dig deeper you're looking at searching for rootkits, examining the MBR, checking network traffic for abnormal patterns and unknown destinations ... how paranoid do you want to become?

Start with GetSusp and take it from there. See

mikeez1
Level 7
Report Inappropriate Content
Message 8 of 10

Re: How to remove a RAT

Yes may be Rat or specifiec malware must have been quarantined by mcafee antivirus program. Have u tried to restart your PC in safe mode? If you are getting vague virus removal guide promoting worthless anti malware, then look for some basic manual virus removal steps to remove RAT virus.

Remove Malware Virus
mikeez1
Level 7
Report Inappropriate Content
Message 9 of 10

Re: How to remove a RAT

Hey Nice information about RAT and Trojan ..... really informative

Remove Malware Virus
Reliable Contributor ninov_n
Reliable Contributor
Report Inappropriate Content
Message 10 of 10

Re: How to remove a RAT

Hello,

It is best to confirm about current malware activity with tools like GestSusp and Autoruns.

Unfortunately RAT never comes alone so it can leave some artefacts active.

In case above information was useful or answered your question, please select "Accept as Solution" in my reply, or give a Kudo. Thanks!
Nino

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community