Help I think someone put a rat on my PC!

Jaydon

Honorable
Jul 13, 2013
13
0
10,510
Someone please help, I turned on my PC and started playing this game that I really like, well as I was playing the Settings search bar came up an someone typed in "LMAO" I started to freak out so I shut my PC down and with courage I turned it back on, nothing else has happened but I'm still so scared to use my PC how can I find out if some ratted me, and if they did.. how can I stop it!?
 
Solution
1) Firstly an extremely easy way to tell if you've been ratted is to go to your folder options, and uncheck hide protected operating system files and show hidden files and folders. Then go to your C drive and if there is any folder called WinUpdate, that is a rat. In addition to that, go to your appdata root, roaming and all other folders in your appdata. If you find any files or folder that look like they belong to your system like windows defender or anything like that, those are all rats.


2) Secondly, you may open your process list by holding control alt delete, and open your task manager. Check the box or click show processes from all users. Look for any double processes, most commonly winlogon, windefender, and winupdate are...

Josh Brumpton

Honorable
May 19, 2013
238
0
10,710
1) Firstly an extremely easy way to tell if you've been ratted is to go to your folder options, and uncheck hide protected operating system files and show hidden files and folders. Then go to your C drive and if there is any folder called WinUpdate, that is a rat. In addition to that, go to your appdata root, roaming and all other folders in your appdata. If you find any files or folder that look like they belong to your system like windows defender or anything like that, those are all rats.


2) Secondly, you may open your process list by holding control alt delete, and open your task manager. Check the box or click show processes from all users. Look for any double processes, most commonly winlogon, windefender, and winupdate are doubles, if so look for the one that is not controlled by the system, but instead look for the one that has your username under user. Also, if the process has a randomized description and you don't recognize the process, it is most likely a rat. To find the location, right click it and press open file location.

3) How to Remove. Before you start ending processes, deleting files, please read this to prevent damage to your computer. If you end the process or delete the file, it may not let you, or you'll get a blue screen and your system will crash. To fix this, hold your power button until your computer shuts off. Start up again and boot into safe mode. From here go to the file location you discovered from the process list or wherever you found it. From there, you can safely delete it. After or before this, install and run malwarebytes on your system to ensure it is completely gone. Another thing you can do if it is not a sophisticated rat, you can simply create a new user and delete the other.


Please note, this is not a 100% sure fire way to get rid of a rat, but it will usually work. The rat may have spread even further though, in which case, you should do a system restore or have a professional or friend help you completely delete it.
 
Solution