A little under two weeks ago, I downloaded what was supposed to be a job application from a link I got in a craigslist email. My anti virus shut it down because it detected a worm, but it said the worm was removed and no action was required. However, every time I have opened my computer since then, I get a notification that my anti virus blocked an attack from the same IP address. Since then, I tried to use my webcam twice and it said it was already in use, although I didn't have any other programs open. I uninstalled several applications, including one that was installed on the day that I opened the "job application" that I don't remember authorizing. I restarted my computer but the webcam was still in use. This made me uncomfortable so I put a sticker over the camera. After doing this, I tried opening the webcam again and had no issue (the video was blank white because of the sticker but it was working fine). This was yesterday and I have tried using the webcam periodically since then to test it and it works fine now that there is a sticker over it. I ran a scan on my computer with my anti virus and it said there was a problem called "shadesrat" that it found and removed. (This may or may not have anything to do with the issue at hand.) I don't know if the webcam started working because I got rid of something malicious, because I covered the webcam and the RAT has no use for it anymore, or because there was never any problem in the first place. Do you think there could still be something wrong or was there ever? What would you do in this situation?
Is there a RAT on my computer?
- Thread starter robemeen
- Start date
Solution
- Mar 16, 2013
- 171,327
- 17,829
- 184,590
Thats not good.
That would be this:
http://www.symantec.com/security_response/writeup.jsp?docid=2011-022214-1739-99
"W32.Shadesrat is a worm that attempts to spread through instant messaging applications and file-sharing programs. It also opens a back door on the compromised computer. "
1. Disconnect it from any internet connection
2. From a different PC, change ALL passwords. Every single one. In the PC and online.
3. Full and complete reinstall.
wortwortwort
Distinguished
- Jun 1, 2010
- 291
- 0
- 18,810
It sounds like you had one. If you don't notice any more problems, you might have gotten rid of it.
If problems persist, you might want to just backup anything important and reformat. Take it as a lesson: don't trust random people on craigslist and download their attachments.
Edit (after seeing that link): Never mind, nuke everything. Reinstall Windows and then change every password you've used on that computer.
If problems persist, you might want to just backup anything important and reformat. Take it as a lesson: don't trust random people on craigslist and download their attachments.
Edit (after seeing that link): Never mind, nuke everything. Reinstall Windows and then change every password you've used on that computer.
TRENDING THREADS
-
-
-
-
-
News US sanctions transform China into legacy chip production juggernaut — production jumped 40% in Q1 2024- Started by Admin
- Replies: 35
-
Question RX 6600 visual glitches right after upgrading to it- Started by Wamek
- Replies: 4
Facebook
Twitter
Instagram