LimeRAT Malware


LimeRAT is a type of malicious code that is better known under the collective term of Trojans. Trojan horse viruses like LimeRAT are among the most dangerous type of malware in existence and removing this piece is crucial to your system’s safety.

LimeRAT Malware

The LimeRAT Malware

Trojan horse viruses such as LimeRAT are capable of causing a wide variety of different damage. Therefore, allowing it to remain any longer than necessary could result in all sorts of harm. As a matter of fact, the range of devastation goes from petty things like system crashes and account hacking to identity theft and financial crimes.

Below our experts have put together a detailed removal guide with the help of which all LimeRAT victims will be able to remove this malware from their machines. However, keep in mind that this process does require relative tech-savviness as it involves dealing with system files. For this reason, if you don’t feel comfortable undertaking the removal of LimeRAT on your own, we also have a handy malware removal tool present. In only a matter of a few clicks it can take care of the whole problem for you.

What you can expect from LimeRAT and why it is such a tremendous threat

Trojans are without competition the most numerous and widespread malware category on the internet. Up to 90% of all malicious infections that occur are due to Trojans. This is mainly due to two factors.

First of all, Trojans like LimeRAT are notorious for their stealth and ability to stay hidden over long periods of time. Hence, there’s no telling how long LimeRAT had been in your system before you actually came to find out about it. A Trojan horse virus will typically hide very deep in your system and will therefore avoid detection. In addition, an infection of this type usually doesn’t have any symptoms that would signal the presence of an intruder.

And then the second factor that has greatly contributed to the unbeaten popularity of Trojans is their multifunctionality. These types of viruses are capable of executing such a wide variety of malicious tasks, we couldn’t possibly cover them all within this article.

We did already touch on what the potential consequences of a Trojan’s presence may be. But as for the means that these viruses can use to achieve their goals, these are just as varied. Anything from keystroke logging and tapping into microphones and webcams all the way to hijacking your entire traffic and rerouting it to the hackers’ servers goes.

For this reason, as long as LimeRAT is on your computer, you can never be sure who else may be seeing what you’re doing, both physically, as well as on your PC. Not to mention that software of this type is very commonly also used as a backdoor to let in other malicious code, like for example ransomware. And at the moment ransomware happens to be at the top of the list as far as levels of devastation go, so you can consider yourself very lucky to have detected LimeRAT at all – hopefully before it’s too late.



Name LimeRAT
Type Trojan
Danger Level  High (Trojans are often used as a backdoor for Ransomware)
Symptoms  Trojans are notoriously stealthy and don’t usually display any symptoms.
Distribution Method  Users are most likely to land a Trojan horse infection by means of opening an infected email attachment or link or by interacting with infected content from torrent sites or similar download sources. 
Detection Tool

Remove LimeRAT Malware

If you are looking for a way to remove LimeRAT you can try this:

  1. Click on the Start button in the bottom left corner of your Windows OS.
  2. Go to Control Panel -> Programs and Features -> Uninstall a Program.
  3. Search for LimeRAT and any other unfamiliar programs.
  4. Uninstall LimeRAT as well as other suspicious programs.

Note that this might not get rid of LimeRAT completely. For more detailed removal instructions follow the guide below.

If you have a Windows virus, continue with the guide below.

If you have a Mac virus, please use our How to remove Ads on Mac guide.

If you have an Android virus, please use our Android Malware Removal guide.

If you have an iPhone virus, please use our iPhone Virus Removal guide

LimeRAT Malware

Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).

LimeRAT Malware


Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab. Try to determine which processes are dangerous. 

LimeRAT Malware

Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

LimeRAT Malware
Drag and Drop Files Here to Scan
Maximum file size: 128MB.

This scanner is free and will always remain free for our website's users. You can find its full-page version at:

Scan Results

Virus Scanner Result
LimeRAT MalwareClamAV
LimeRAT MalwareAVG AV
LimeRAT MalwareMaldet

After you open their folder, end the processes that are infected, then delete their folders. 

Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections. 

LimeRAT Malware

Hold together the Start Key and R. Type appwiz.cpl –> OK.

LimeRAT Malware

You are now in the Control Panel. Look for suspicious entries. Uninstall it/them. If you see a screen like this when you click Uninstall, choose NO:

LimeRAT Malware

LimeRAT Malware

Type msconfig in the search field and hit enter. A window will pop-up:

LimeRAT Malware

Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.

  • Remember this step – if you have reason to believe a bigger threat (like ransomware) is on your PC, check everything here.

Hold the Start Key and R –  copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

LimeRAT Malware

If there are suspicious IPs below “Localhost” – write to us in the comments.

LimeRAT Malware

Type Regedit in the windows search field and press Enter.

Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!


About the author


Violet George

Violet is an active writer with a passion for all things cyber security. She enjoys helping victims of computer virus infections remove them and successfully deal with the aftermath of the attacks. But most importantly, Violet makes it her priority to spend time educating people on privacy issues and maintaining the safety of their computers. It is her firm belief that by spreading this information, she can empower web users to effectively protect their personal data and their devices from hackers and cybercriminals.

Leave a Comment