It's just a simple batch file program that logs every incoming and outgoing connection. If or when you use this, try to close everything that uses the internet; that way you don't get a bunch of IPs as seen in my picture. I will also be putting in some of the common ports people use for viruses, which are 1337 and 1604. If you see those, you have a virus; I don't see what else would be using that type of port. Thanks, man.
Another thing is to beware of unfamiliar processes. Deviation is a big part of virus spreading. Such as if a company pays a software developer to advertise their product. Like when you install something and it asks you if you want other stuff. It's sometimes decent at first, but then they trick the reputable software into giving out copies of malicious software and bam, you're infected. My point is to ALWAYS keep track of your software, check your installed program list regularly, I do it weekly in case something slips by, check task manager often, check everything often. Don't be dumb and be like "Oh what's this, system32, never heard of it. *Delete*", because that's how you mess up. Investigate before you delete. Learn your system, for the purpose of using it properly. Then when something goes wrong, you can fix it yourself because you'll have the knowledge. Keeping yourself secure is a big thing in today's world. I hope my addition to this helps someone. You all have a nice day.
Well, that's very smart of you, but it does seem like a lot of work... Anything that I find untrustworthy I test on my VM, which is great because if it happens to be a virus I can just remove it without worry since it's a VM. Since it's a fake computer, I named it FBI RAT-TEST AREA, and they sometimes freak out since they're little kids...
It may be a bit of work, but WELL worth it. I caught my neighbors piggybacking off my Wi-Fi the other day, so I decided... Hey, it's my network, I AM YOUR MASTER. So I grabbed a screencap from him to see if it was him using my Wi-Fi to blare music from his loft. It was. I sent a command to close everything out, and open up a YouTube page with opera music, he was so upset. Then I sent a bunch of DeAuth requests to kick him, and changed my pass, and renamed my Wi-Fi to "No Password, No Entry." Then, I caught him trying AGAIN! He was using Reaver, one that takes advantage of flaws in the WPS of a router if it has one. So I decided to set up a virtual server, and rename it as my Wi-Fi, I let him into it, but any page he visited redirected to an HTML script saying "STAY OFF MY WI-FI." He got the message after that xD
What you should have done is use remote desktop; you can do it to any computer on your Wi-Fi as long as it's enabled on their computer.
Please keep in mind, booting your computer into safe mode sometimes prevents the RAT from binding to the particular program that it would normally bind to, thus when you try to run your malware scanner, it will not pick anything up. If the creator of the RAT is smart, he will bind it to core functions that are normally disabled when booting into safe mode, thus you will not be able to find it. I have always told people, if you don't know what you're doing, get a professional to get rid of the RAT, most retailers have very specific tools the normal population does not have access to that make getting rid of a RAT extremely easy. Reaver, what an easy tool to use, sounds to me like you're living next to some guy who typed into Google how to crack a basic Wi-Fi network.
Yeah, but you need internet in order to connect to a RAT victim... That is why I said to boot into safe mode without internet/Wi-Fi; doing that will let you look through your computer without interruptions.
It uses the Netstat set of commands, such as Netstat -ano in a command prompt, but this small batch file just makes it quicker, and funnels it into a log file in Notepad.
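
An added example, not the poster's batch file (which is not shown on this page): a Python parser for a saved log of Netstat -ano output that lists the sockets on the ports named in the first post together with the PID that owns each one. The sample log is constructed, and the function names are this example's own.

```python
"""Parse a saved `netstat -ano` log and list sockets on watched ports."""
from typing import NamedTuple

WATCH_PORTS = {1337, 1604}  # the two ports named in the first post

class Conn(NamedTuple):
    proto: str
    local: str
    lport: int
    remote: str
    rport: int   # 0 when netstat prints "*" (UDP has no peer)
    state: str   # "" for UDP rows, which have no State column
    pid: int

def split_endpoint(endpoint):
    # rpartition keeps bracketed IPv6 hosts such as [::1]:1900 intact
    host, _, port = endpoint.rpartition(":")
    return host, int(port) if port.isdigit() else 0

def parse(log):
    conns = []
    for line in log.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP":
            proto, local, remote, state, pid = f
        elif len(f) == 4 and f[0] == "UDP":
            (proto, local, remote, pid), state = f, ""
        else:
            continue  # banner, column header, blank or truncated row
        if pid.isdigit():
            (lh, lp), (rh, rp) = split_endpoint(local), split_endpoint(remote)
            conns.append(Conn(proto, lh, lp, rh, rp, state, int(pid)))
    return conns

def flagged(conns, ports=WATCH_PORTS):
    # Compare parsed port numbers, so 13370 does not match 1337
    return [c for c in conns if c.lport in ports or c.rport in ports]

# Constructed sample log (documentation addresses, made-up PIDs)
SAMPLE = """Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1044
  TCP    0.0.0.0:1337           0.0.0.0:0              LISTENING       6120
  TCP    192.168.1.20:49712     203.0.113.7:1604       ESTABLISHED     5312
  TCP    192.168.1.20:13370     198.51.100.9:443       ESTABLISHED     2980
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    [::1]:1900             *:*                                    3320
"""

if __name__ == "__main__":
    for c in flagged(parse(SAMPLE)):
        print(f"PID {c.pid}: {c.proto} {c.local}:{c.lport} -> "
              f"{c.remote}:{c.rport} {c.state}")
```

A flagged row is a lead to follow up: look the PID up in Task Manager or with tasklist to see which program owns the socket.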