Sunday, June 9, 2013
How to if your pc is infected by RATs or keylogger.. protection without tools!!
Do you like this story?
How To know if your pc is infected by RATs ?
open cmd. first!
- Once Command Prompt is opened, use this command: netstat -an |find /i "listening"
Note: The NETSTAT command will show you whatever ports are open or in use, but it is NOT a port scanning tool!
- Now we wonder What this Command does? This command will show all the opening ports. Now check for any unknown port.Open command prompt and type netstat -b [[work effectively in win XP]]..
- Now this command will show you the active connections with the process with their PID (Process Identifier) and also the packets.
- Look out for SYN Packets and the Foreign address its been connecting with , check the process its been associated with, check the ports also. If you find that its connecting to some unknown ports, then you can say you have been backdoored.
- Go to your task manager. On the top of it, click on View—> select Column—> Tick on PID (Process Identifier).
- Now most of the RATs resides on Start up. How to delete them from start up?
- a) Go to regedit —> HKLMSoftwareMicrosoftWindowsCurrent versionRun
- On the Right hand side, check for the process name which you find on step 4. if its not their. Check at
- HKCU Software Microsoft Windows Current Version Run OR
kill all unknow .exe viruses!
