• Login
  • Register
Hello There, Guest!

Username:

Password:

Remember me

hasło Lost Password?

  • Forum
  • Search
  • Member List
  • Play
  • Hiscores
glowna Rune2006 → Rune2006 → Guides & Tutorials → Avanced guides →

Possibly infected by a RAT (Remote Access Tool)? - Read!


Post Reply
Threaded Mode | Linear Mode
Possibly infected by a RAT (Remote Access Tool)? - Read!
Mr Noodles
Minotaur Member
  • Posts:107
  • Joined:Apr 2013
  • Reputation:1
05-06-2013 05:17 AM RE: Possibly infected by a RAT (Remote Access Tool)? - Read!
Post: #11
(05-06-2013 04:39 AM)savage Wrote:  Em.... i found a winlogon. and i click end process but i get this message
"The operation could not be completed.

Access is denied."


HELP!

the winlogon is a microsoft program that runs your background, however, as mentioned in the initial post, if you find 2 of them, means your infected.

(05-06-2013 05:14 AM)savage Wrote:  but mate there is 2 Sad

what type of anti-virus you got?

have you downloaded anything suspicious lately?

[Image: e0ce77ca729840089f565987b2c6ac19.gif]
[Image: w8qhpz.gif]

(This post was last modified: 05-06-2013 05:41 AM by Mr Noodles.)
top
find
quote
savage
Dwarf Member
  • Posts:70
  • Joined:Apr 2013
  • Reputation:1
05-06-2013 06:31 AM RE: Possibly infected by a RAT (Remote Access Tool)? - Read!
Post: #12
I dont watch pr0n, so no nothing has been downloaded except rune2006 client. And i have malwarebytes and windows defender, also. My youtube layout has changed. Idk how to screen shot it or i would. But my youtube format is the same except for the video client itself, the client shows a grey bar that is unattached to the youtube video as my timeline, the video isn't centered and you can see black space and theres a youtube watermark in the bottom right.

[Image: rhulQRr.jpg]
Put this kid on skates. While in sandals...

top
find
quote
Mr Noodles
Minotaur Member
  • Posts:107
  • Joined:Apr 2013
  • Reputation:1
05-06-2013 01:32 PM RE: Possibly infected by a RAT (Remote Access Tool)? - Read!
Post: #13
(05-06-2013 06:31 AM)savage Wrote:  I dont watch pr0n, so no nothing has been downloaded except rune2006 client. And i have malwarebytes and windows defender, also. My youtube layout has changed. Idk how to screen shot it or i would. But my youtube format is the same except for the video client itself, the client shows a grey bar that is unattached to the youtube video as my timeline, the video isn't centered and you can see black space and theres a youtube watermark in the bottom right.

1- Try to run an anti-virus scan, if it doesn't let you run it, run it in safe mode.

2- Right click the process and click "Open containing folder"
if the folder is one of these, then you're safe.
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\SYSTEM32\DLLCACHE\winlogon.exe
C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
C:\I386\winlogon.exe

[Image: e0ce77ca729840089f565987b2c6ac19.gif]
[Image: w8qhpz.gif]

(This post was last modified: 05-06-2013 01:41 PM by Mr Noodles.)
top
find
quote
p u r e
Ice Giant Member
  • Posts:404
  • Joined:Mar 2013
  • Reputation:4
05-07-2013 12:47 PM RE: Possibly infected by a RAT (Remote Access Tool)? - Read!
Post: #14
also put blue tack over ur webcam and don't talk about important shit Wink!

[Image: 2TVLi.png]

[Image: sig.php?player=lechtizdayen]

top
find
quote
Acerd
Dwarf Member
  • Posts:50
  • Joined:May 2013
  • Reputation:2
05-08-2013 10:04 PM RE: Possibly infected by a RAT (Remote Access Tool)? - Read!
Post: #15
If there are 2 winlogon.exe , one of them is the REAL One , if you end that one , it will shut down the computer.

[Image: 2PpYg.jpg]

top
find
quote
Kornslipkn
Super Moderators

  • Posts:862
  • Joined:Mar 2013
  • Reputation:19
05-11-2013 02:57 AM RE: Possibly infected by a RAT (Remote Access Tool)? - Read!
Post: #16
RATs are indeed nasty but I'm glad that there are guides such as this to help newbies get rid of them.

+1 to you for this great guide.

[Image: WAGNW2_zps74cfb57e.png]

top
find
quote
Henning B
Skeletal Member
  • Posts:538
  • Joined:Mar 2013
  • Reputation:9
05-11-2013 05:04 AM RE: Possibly infected by a RAT (Remote Access Tool)? - Read!
Post: #17
I could sit for hours explaining why this wouldnt work and such, rats are getting more and more advanced daily, the only real way to stay safe is to master them yourself.

Best Regards
~Henning B.
Married to Dsun.
[Image: Resubmit.png]
Need Help?

top
find
quote
Men
Registered
  • Posts:10
  • Joined:Aug 2013
  • Reputation:0
08-05-2013 11:52 AM RE: Possibly infected by a RAT (Remote Access Tool)? - Read!
Post: #18
i got them mastered Smile i use them all the time i wont get infected

[Image: 2uohu95.png]

Join pony clan now http://rune2006.com/forum/showthread.php...96#pid8896

top
find
quote
AzrialTide
Dwarf Member
  • Posts:26
  • Joined:Aug 2013
  • Reputation:0
08-15-2013 01:42 PM RE: Possibly infected by a RAT (Remote Access Tool)? - Read!
Post: #19
(05-05-2013 07:31 PM)Henning-Banned Ingame- Wrote:  just download ccleaner, and check the startups, disable it then download malwarebytes

Note: I used to own a BOT-net

BE CAREFUL WITH CC CLEANER!!

If you are not careful and forget to Backup your registry you can mess it up. Be Careful Everyone.

top
find
quote
Pumpkin Pie
Dwarf Member
  • Posts:62
  • Joined:Sep 2013
  • Reputation:0
09-22-2013 11:54 AM RE: Possibly infected by a RAT (Remote Access Tool)? - Read!
Post: #20
(05-06-2013 01:34 AM)Ayden Wrote:  I would be rather flattered if someone wanted to watch me on my webcam and hear my voice all the time. Overall nice guide. Normally I would just do the CCleaner thing but if I get in a sticky situation then I will open this up.

That'd be the life- finally wanted <3

Pumpkin Pie - Rune2006's Number 1 Skiller Wink

top
find
quote
« Next Oldest | Next Newest »
Pages (3): « Previous 1 2 3 Next »
Post Reply


  • View a Printable Version
  • Send this Thread to a Friend
  • Subscribe to this thread
Forum Jump:


User(s) browsing this thread:
Index | Return to Top | Lite (Archive) Mode | RSS Syndication

Powered By MyBB, © 2002-2025 MyBB Group.
Designed by Adrian/Reksio 54ceebe7a40ef32df34f37c2065d4490