What is a rat? A Rat stands for remote administrator tool it is used to take over other pc's by sending you a .exe which was created from a tool (Dark Comet, Nano Rat etc) this allows them to look at all your documents and everything else which is personal even Internet passwords and usernames. How to check if you have a rat? In order to check if you have a rat you will need to check your task manager for svc hosts, If you have alot of them you are rattted. Another way to check is if you see this program winlogon.exe which is like the software of your pc then you have been ratted I am warning you now do not delete any files certainly the winlogon.exe or it will mess your pc up. How to prevent getting Ratted? To Prevent getting ratted you need to watch out what you are downloading If you downloaded a file which sounds unlegit or in general if the file which you downloaded is 650kb its a rat another way to check is by checking the information I was recently been given a rat and I knew it was a rat by the information. To check the info you need to do this: https://i.imgur.com/5Whlu90.webm If it says remote Service Application its a rat. Another way to prevent being ratted you can download sand boxie and run it in sand boxie if it doesn't open anything you need to close sand boxie cause it gives them an amount of time to grab your info. Programs which are needed? MalwareBytes Anti-Malware AVG SpyBot If you are ratted run them a few times untill they pick up your rat How to remove a rat? 1. I would suggest restoring your pc to your last backup 2. You can Remove windows 3. Go Into safe mode and if you know where the rat is you can delete it since safe mode stops the rat from getting you so you can delete the rat while in safe mode remember to check appdata and temp for the rat.
Keep in mind as well, booting into safe mode while it is a good call it defeats the purpose of you trying to run any anti virus software, when windows boots up into safe mode the Trojan or the RAT in this case will not bind to any program thus like he said above the RAT won't work in safe mode, but this also means when you go to scan it won't pick anything up. This is why RATs are very tricky to handle, in most cases if your PC is performing slow because of one try to load up task manager and monitor which application is running at all times, it will most likely be a common application such as Chrome or any of your internet browsers. Also monitor CPU usage of each application, chances are, the one that program that is using the absolute most CPU usage is usually the one carrying the RAT.
