Fainted said:I see these IPs as established only having the internet browser opened. I don't know, do you see normal or suspicious man?
Btw, thanks for the help!
I can't tell just from a glance but you can check the IPs via: http://www.iplocation.net/
Unicorn said:This is a great thread your helping people with;
Issue: RAT (just checking)
Question(s): What are the main .exe that would be running on my task management
Any additional information: Are all rats the same types of .exe apps running.
No, not all rats are the same type of .exe's in task manager.
They can really be any of them but some of the more common ones are: winlogon.exe, Jusched.exe, csrss.exe, explorer.exe, svchost.exe, rundll32.exe and spoolsv.exe.