RAT Malware vs SpyShelter

How does SpyShelter fare with the RAT malware?

@Naides

RAT Malware is difficult to detect and stop. If you run SpyShelter in our Paranoid mode you should have the best chance of preventing a RAT from starting.

Go to the “Protection” tab and choose “Paranoid” at the top middle.

Acknowledged. Where do RATs usually reside? In registries?

We have found that RAT software usually hides in common system directories like C:\Windows\System32 or C:\Users\[Username]\AppData. These are targeted because they contain legitimate files, making it easier for the RAT to blend in and avoid detection.

A RAT might also disguise itself with a name similar to a legitimate Windows process to stay under the radar. Like svchost or something… (check yours with SpyShelter to make sure it’s signed by Microsoft)

I don’t think a RAT can actually live in the Registry, but RATs may make changes to the Windows Registry (SpyShelter monitors Registry changes) to maintain persistence. They might add entries in startup locations so the malware runs automatically when the system boots. This allows the RAT to stay active even after a restart. SpyShelter lets you allow/deny Registry changes, so you might catch a RAT doing that…

Always keep an eye on your processes with SpyShelter and that should give you a better chance against RAT-type malware. We should be able to spot unusual executable activity, for example an unsigned executable, or an executable like Edge.exe that’s signed by some unusual entity…

Why are you specifically asking about RATs? Did you run into a RAT on your PC?
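
The checks described in the post above (Registry startup entries, files under AppData, Windows-like process names that are not signed by Microsoft) can also be reviewed by hand in PowerShell. This is an added example, not part of the original thread and not SpyShelter's own code; the list of Run keys and the list of process names are assumptions chosen for illustration.

```powershell
# Added example: review startup (Run/RunOnce) entries and their signatures.
# The key list and the name list are assumptions chosen for illustration.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$windowsNames = 'svchost.exe', 'lsass.exe', 'csrss.exe', 'explorer.exe', 'winlogon.exe'

# Pull the executable path out of a startup command line.
function Get-ExePath([string]$Command) {
    $cmd = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }   # quoted path
    if ($cmd -match '^(.+?\.(exe|com|scr|bat|cmd))(\s|$)') { return $Matches[1] }
    return ($cmd -split '\s+')[0]
}

$results = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $path = Get-ExePath ([string]$regKey.GetValue($name))
        $flags = @()
        $signer = ''
        if ($path -and (Test-Path -LiteralPath $path -PathType Leaf)) {
            $sig = Get-AuthenticodeSignature -LiteralPath $path
            if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
            if ($sig.Status -ne 'Valid') { $flags += "signature $($sig.Status)" }
            $leaf = Split-Path -Path $path -Leaf
            if (($windowsNames -contains $leaf) -and ($signer -notmatch 'O=Microsoft Corporation')) {
                $flags += 'Windows process name, signer is not Microsoft'
            }
        } else {
            # Bare names without a full path (resolved via PATH) also land here.
            $flags += 'file not found at parsed path'
        }
        # Legitimate apps also start from AppData; this flag is a prompt to look, not a verdict.
        if ($path -match '\\AppData\\') { $flags += 'runs from AppData' }
        [pscustomobject]@{
            Key = $key; Name = $name; Path = $path
            Signer = $signer; Flags = ($flags -join '; ')
        }
    }
}
# Flagged entries are listed first.
$results | Sort-Object { $_.Flags -eq '' } | Format-List
```

Run it from an elevated PowerShell prompt to read the machine-wide keys; the HKCU keys cover only the account that runs the script.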

Yes, it manages to know the programs I have been using on my PC, the YouTube videos I watch, knows if my PC is off or on, etc. The threat actor pretty much announces this info on a certain site.

I am sorry to hear that’s happening.

In this case I’d recommend wiping your devices and reinstalling the OS, then try a Microsoft Security Offline Scan on your PC.

Also maybe just go to your ISP and trade out your modem for a new one. Then see if the problem continues.

https://www.howtogeek.com/224342/how-to-clean-install-windows-10/ - choose the “scratch” method if possible.

Once everything is clean, install SpyShelter to avoid future issues.

Were you able to solve the issue? Did you reset Windows?