Unsolved
This post is more than 5 years old
1 Message
0
27428
March 2nd, 2014 14:00
Is there a RAT on my computer?
A little under two weeks ago, I downloaded what was supposed to be a job application from a link I got in a craigslist email. My anti virus shut it down because it detected a worm, but it said the worm was removed and no action was required. However, every time I have opened my computer since then, I get a notification that my anti virus blocked an attack from the same IP address. Since then, I tried to use my webcam twice and it said it was already in use, although I didn't have any other programs open. I uninstalled several applications, including one that was installed on the day that I opened the "job application" that I don't remember authorizing. I restarted my computer but the webcam was still in use. This made me uncomfortable so I put a sticker over the camera. After doing this, I tried opening the webcam again and had no issue (the video was blank white because of the sticker but it was working fine). This was yesterday and I have tried using the webcam periodically since then to test it and it works fine now that there is a sticker over it. I ran a scan on my computer with my anti virus and it said there was a problem called "shadesrat" that it found and removed. (This may or may not have anything to do with the issue at hand.) I don't know if the webcam started working because I got rid of something malicious, because I covered the webcam and the RAT has no use for it anymore, or because there was never any problem in the first place. Do you think there could still be something wrong or was there ever? What would you do in this situation?
______________
ky331
5 Journeyman
•
15.6K Posts
•
45K Points
0
March 2nd, 2014 14:00
One-on-one Malware Analysis/Removal is no longer done at the Dell Forums.
Please follow the directions at http://spywarehammer.com/simplemachinesforum/index.php?topic=12262.0 to register and post the requested DDS logs at spywarehammer.com ; there are expert helpers there who can "walk you through" procedures to analyze your system, and clean-up the infection (if any). All help provided there is FREE. If you decide to go for help there, please wait for a response, and do NOT attempt to run any other scans/removers on your own --- do exactly what they instruct you to do, no more, no less.
Good luck!
Bugbatter
4 Apprentice
•
20.5K Posts
0
March 10th, 2014 06:00
robemeen, the best remedy for a RAT usually is a reformat along with some other precautions, especially if you do any online shopping or banking. I would hesitate to provide general instructions here in a general forum without knowing exactly what you are dealing with. Otherwise we would be simply "shooting in the dark" and could even do some damage.
Unless you are experienced in manually working in the registry, I would not advise you to do that on your own. One slip and you could render the computer inoperable. If you must work in the registry, always make a backup first. Furthermore, disabling System Restore to begin with (as advised above) is unwise; thus, if anything should happen, you will have no restore point to return to. A dirty restore point so you can start over with malware removal is better than none at all.
I suggest that you follow ky331's advice to have a trained expert work with you to analyze and help you address the problem based on the output of several diagnostic logs. Please use your same username as here so that your registration can be approved and staff can be notified to pick up your logs as soon as possible. Don't forget to check your email and click on the link they send you in order to confirm your registration. You will need to post two logs. Help is free. The instructions are at the top of their forum.
Bugbatter
4 Apprentice
•
20.5K Posts
0
May 29th, 2014 11:00
Thank you, FredGrice. SpywareHammer appreciates your recommendation.
FredGrice
1 Message
0
May 29th, 2014 11:00
Excellent great service in a professional manner i would Highly recommend.