Share via

How can I get rid of this RAT?

Anonymous
2024-07-03T16:38:32+00:00

Hello, So while I was downloading something off of GitHub I got a RAT. I don't know all the things it has done except for log onto my discord and advertise their server. I had tamper protection off when I downloaded it (I know stupid) so if I do a windows defender scan or MRT scan it says there is no corrupt files but when I downloaded Microsoft Safety scanner app and that found some corrupt files and removed them but I decided to do the test again it still says there are corrupt files. I've done the SFC scan and that says there aren't anymore corrupt files. I also did the MRT scan and SFC scan in safe mode. Is there anything I can do to make sure the RAT is off my PC and I don't have any corrupt files left? Or would I have to factory reset my PC? Or should I just keep using the Microsoft Safety scanner until it says there aren't any?

Edit: I also restored my PC to a point before I got the RAT

Windows for home | Windows 10 | Security and privacy

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

Answer accepted by question author

  1. Ramesh 176.1K Reputation points Volunteer Moderator
    2024-07-03T16:55:06+00:00
    1. Download Malwarebytes Antimalware, run a scan, and eliminate every malware it finds.
    2. Run the Farbar Scanner and share your logs.

    Download Farbar Recovery Scan Tool (FRST64.exe)

    Note: If Microsoft Edge or Chrome mislabels the Farbar Scanner executable as PUA/malware, choose to keep it by tapping … in the bottom bar, choosing Keep, and then choosing Keep anyway in the dialog that appears.

    If the OS language is non-English, rename FRST64.exe to FRST64English.exe.

    Run the program. Don't check or uncheck any options. Click "Scan".

    Upload the two logs, FRST.txt and Addition.txt, to your OneDrive and share the link here.

    (How-To: Share OneDrive files and folders - Microsoft Support)

    1 person found this answer helpful.
    0 comments

5 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ramesh 176.1K Reputation points Volunteer Moderator
    2024-07-03T19:09:07+00:00

    The option may have been moved to another tab, not sure.

    Please see screenshots here: https://forums.malwarebytes.com/topic/309304-malwarebytes-45-issue-with-preventing-windows-update-security-definitions/

    0 comments
  2. Anonymous
    2024-07-03T18:19:10+00:00

    I don't see the security tab on my Malwarebytes app. My apps version currently is 5.1.6.117 and from I what searched up they removed that. Is there any other way I can enable it or no? I can still check the "Add or remove exclusions" in the windows defender app and there isn't any exclusions. Also thank you for the help

    0 comments
  3. Ramesh 176.1K Reputation points Volunteer Moderator
    2024-07-03T17:57:08+00:00

    The system is clean. Please do this;

    1. Open Malwarebytes, and click Settings.
    2. In the Security tab, scroll down to the Windows Security Center section.
    3. Disable the option Always register Malwarebytes in the Windows Security Center
    4. Open Windows Security.
    5. Click Virus and threat protection, and click Manage settings.
    6. Click "Add or remove exclusions".
    7. If there are unknown exclusions listed, remove them.

    And change your account/email/web-related passwords, and set up 2FA.

    What is: Multifactor Authentication - Microsoft Support: https://support.microsoft.com/en-us/topic/what-is-multifactor-authentication-e5e39437-121c-be60-d123-eda06bddf661

    0 comments
  4. Anonymous
    2024-07-03T17:39:55+00:00

    Thanks for the help

    Here are the logs: 2 Items

    0 comments