So here we start ----
Tools we need :
1) Hijackthis - from trend micro anti virus Download
2) Antivirus with personal firewall(example like avira is good one )
So Rat is installed in your computer :
First open hijackthis and click on " Do a system scan and save a log file "
( it will show u all the registry in your system )
Rat and keylogger are mostly store in " HKCU " or " HKLM " so find in this registry so key logger must be name as server.exe or svchost.exe ( hacker name the server as some system file ) so put tick on it shown in below image
![[Image: Capture-9.png]](http://i933.photobucket.com/albums/ad175/rahulrhl29/Capture-9.png)
( note this registry some were )
Put mark on it and click " fix checked " it will ask you " Fix 1 selected item ? This will permanently delete and/or repair what you selected " click yes
Then restart You pc ----
Now open were u note the registry
it will be like (example :- " HkUM\..\Run: [HKCU] c:\windows\system32\instal\svchost.exe" )
it is the location where the server(keylogger/Rat) is stored go to that place (go to folder option --- View -- mark " show hidden files .folders and drives " and remove mark from " Hide protected operating system in file (recommended) "
and click apply and press ok )
Then u can see that folder " instal " as it was in loaction of hijackthis delete that file
( clean your temp file and run disk cleanup )
note :- ( Install personal firewall it will block when this kind keylogger and Rat try to connect to internet so u can be safe )
i recommend install " avira_premium_security_suite " it work for nw
No comments:
Post a Comment