How To Check Whether You are Victim of RATS or not ?


In this post i am going to show you how to find out when you are infected with a RAT or Keylogger, without using any complex tools. Now i believe most of you might know that you need to have an internet connection to make a RAT or a Keylogger work, which would mean, if you are not connected to internet, you don't have to worry about being infected with RAT or Keylogger. Ok, so for those who have internet connection and think they are being infected with a Trojan, here is a little guide that can solve your problem.

1. Now every program has their own process which can be seen on task manager. So the first thing to do is to find out which process the Trojan is being attached to. If you see some unknown process search that on google. A good hacker will always makes sure he hides its process with a Windows based Process, for eg. svchost.exe or something like that.

2. If you cant find, then the next thing you can do is use cmd (to open cmd prompt, Click on Start--->Accessories-->Command prompt).

3. Once Command Prompt is opened, use this command: netstat -an |find /i "listening"

Note: The NETSTAT command will show you whatever ports are open or in use, but it is NOT a port scanning tool!

Now we wonder What this Command does? This command will show all the opening ports. Now check for any unknown port.

4. You can skip step 3 if you want, and can do this instead.

Open command prompt and type netstat -b


Now this command will show you the active connections with the process with their PID (Process Identifier) and also the packets.
Look out for SYN Packets and the Foreign address its been connecting with , check the process its been associated with, check the ports also. If you find that its connecting to some unknown ports, then you can say you have been backdoored.

5. Go to your task manager. On the top of it, click on View---> select Column---> Tick on PID (Process Identifier).
Match the suspicious Process with the Processes In task manager, check PID also.


Now most of the RATs resides on Start up. How to delete them from start up?

a) Go to regedit ---> HKLM\Software\Microsoft\Windows\Current version\Run
On the Right hand side, check for the process name which you find on step 4. if its not their. Check at
HKCU\Software\Microsoft\Windows\Current Version\Run
OR
Open Cmd prompt & type start msconfig. Go to Startup tab, you can check the startup process there.


I hope This Tutorial was easy and comprehensive.

5 comments:

jane holly said...

This professional hacker is absolutely reliable and I strongly recommend him for any type of hack you require. I know this because I have hired him severally for various hacks and he has never disappointed me nor any of my friends who have hired him too, he can help you with any of the following hacks:

-Phone hacks (remotely)
-Credit repair
-Bitcoin recovery (any cryptocurrency)
-Make money from home (USA only)
-Social media hacks
-Website hacks
-Erase criminal records (USA & Canada only)
-Grade change

Email: onlineghosthacker247@ gmail .com

No Name said...

CONTACT 24/7
Telegram > @leadsupplier
ICQ > 752822040
Email > leads.sellers1212@gmail.com

Selling SSN+Dob Leads/Fullz with Driving License/ID Number For Tax return & W-2 Form filling, etc.

>>1$ each without DL/ID number
>>2$ each with DL
>>5$ each for premium (also included relative info)

Price reduce in Bulk order

DETAILS IN LEADs/FULLZ/PROS

->FULL NAME
->SSN
->DATE OF BIRTH
->DRIVING LICENSE NUMBER WITH EXPIRY DATE
->COMPLETE ADDRESS
->PHONE NUMBER, EMAIL, I.P ADDRESS
->EMPLOYMENT DETAILS
->REALTIONSHIP DETAILS
->MORTGAGE INFO
->BANK ACCOUNT DETAILS

>All Leads are Spammed & Verified.
>Fresh spammed data of USA Credit Bureau
>Good credit Scores, 700 minimum scores
>Invalid info found, will be replaced.
>Payment mode BTC, ETH, LTC, PayPal, USDT & PERFECT MONEY

''OTHER GADGETS PROVIDING''

>SSN+DOB Fullz
>CC with CVV
>Photo ID's
>Dead Fullz
>Carding Tutorials
>Hacking Tutorials
>SMTP Linux Root
>DUMPS with pins track 1 and 2
>Sock Tools
>Server I.P's
>HQ Emails with passwords

Contact 24/7

Email > leads.sellers1212@gmail.com
Telegram > @leadsupplier
ICQ > 752822040

Amalia Eva said...

I Want to use this medium in appreciating hacking setting, after being ripped off my money,he helped me find my cheating lover whom i trusted alot and he helped me hack his WHATSAPP, GMAIL and kik and all other platforms and i got to know that he has being cheating on me, in less than 24 hours he helped me out with everything, hacking setting is trust worthy and affordable contact him on: hackingsetting50 at gmail dot com

No Name said...

Hi Guy's

Fresh & valid spammed USA SSN+Dob Leads with DL available in bulk.

>>1$ each SSN+DOB
>>2$ each with SSN+DOB+DL
>>5$ each for premium (also included relative info)

Prices are negotiable in bulk order
Serious buyer contact me no time wasters please
Bulk order will be preferable

CONTACT
Telegram > @leadsupplier
ICQ > 752822040
Email > leads.sellers1212@gmail.com

OTHER STUFF YOU CAN GET

SSN+DOB Fullz
CC's with CVV's (vbv & non-vbv)
USA Photo ID'S (Front & back)

All type of tutorials available
(Carding, spamming, hacking, scam page, Cash outs, dumps cash outs)

SMTP Linux Root
DUMPS with pins track 1 and 2
Socks, rdp's, vpn's
Server I.P's
HQ Emails with passwords

Looking for long term business
For trust full vendor, feel free to contact

CONTACT
Telegram > @leadsupplier
ICQ > 752822040
Email > leads.sellers1212@gmail.com

Sophia Mia said...

Are you willing to know who your spouse really is, if your spouse is cheating just contact hackingsetting, He is good at hacking into cell phones,changing school grades and many more. This great hacker has also worked for me and my colleagues and we got results of our spouses whatsapp messages,call logs, text messages, viber, kik, Facebook, emails, deleted text messages and many more, this hacker is very fast, cheap and affordable. He has never disappointed me and my colleagues for once, contact him if you have any form of hacking problem, am very sure he will help you out. THANK YOU.

contact: hackingsetting50@gmail.com

Post a Comment

STEALTH HACKER

Sponsers