Possibly infected by a RAT (Remote Access Tool)? - Read!

(05-06-2013 04:39 AM)savage Wrote:  Em.... i found a winlogon. and i click end process but i get this message
"The operation could not be completed.

Access is denied."


HELP!

the winlogon is a microsoft program that runs your background, however, as mentioned in the initial post, if you find 2 of them, means your infected.

---

(05-06-2013 05:14 AM)savage Wrote:  but mate there is 2

what type of anti-virus you got?

have you downloaded anything suspicious lately?

I dont watch pr0n, so no nothing has been downloaded except rune2006 client. And i have malwarebytes and windows defender, also. My youtube layout has changed. Idk how to screen shot it or i would. But my youtube format is the same except for the video client itself, the client shows a grey bar that is unattached to the youtube video as my timeline, the video isn't centered and you can see black space and theres a youtube watermark in the bottom right.

(05-06-2013 06:31 AM)savage Wrote:  I dont watch pr0n, so no nothing has been downloaded except rune2006 client. And i have malwarebytes and windows defender, also. My youtube layout has changed. Idk how to screen shot it or i would. But my youtube format is the same except for the video client itself, the client shows a grey bar that is unattached to the youtube video as my timeline, the video isn't centered and you can see black space and theres a youtube watermark in the bottom right.

1- Try to run an anti-virus scan, if it doesn't let you run it, run it in safe mode.

2- Right click the process and click "Open containing folder"
if the folder is one of these, then you're safe.
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\SYSTEM32\DLLCACHE\winlogon.exe
C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
C:\I386\winlogon.exe

also put blue tack over ur webcam and don't talk about important shit !

If there are 2 winlogon.exe , one of them is the REAL One , if you end that one , it will shut down the computer.

RATs are indeed nasty but I'm glad that there are guides such as this to help newbies get rid of them.

+1 to you for this great guide.

I could sit for hours explaining why this wouldnt work and such, rats are getting more and more advanced daily, the only real way to stay safe is to master them yourself.

i got them mastered i use them all the time i wont get infected

(05-05-2013 07:31 PM)Henning-Banned Ingame- Wrote:  just download ccleaner, and check the startups, disable it then download malwarebytes

Note: I used to own a BOT-net

BE CAREFUL WITH CC CLEANER!!

If you are not careful and forget to Backup your registry you can mess it up. Be Careful Everyone.

(05-06-2013 01:34 AM)Ayden Wrote:  I would be rather flattered if someone wanted to watch me on my webcam and hear my voice all the time. Overall nice guide. Normally I would just do the CCleaner thing but if I get in a sticky situation then I will open this up.

That'd be the life- finally wanted <3