Solved What should I do here?

[Xeno1234]

I get OCD about some things, and I've been concerned about the possibilty that on my laptop that I had a RAT installed and it was monitoring my webcam without me knowing (This is really the only thing I'm concerned about). I know around 6 months ago, I had a malicious JS I found off of malware bazaar on my laptop, and I had ESET endpoint security installed, I was wanting to test liveguard (I've learned from this, as many people have told me this isnt smart). I've been concerned that I've ran it because I did something where ESET popped up saying "Analysis Still in Progress", but I cant remember if it popped up randomly, I tried running the file (I do remember being very cautious here, and im pretty sure I had the 'Block Execution of Files In Liveguard' turned on) or I did something where I "modified" the file causing it to do that. Liveguard said the file was clean.

I was looking through my email today and I saw this: This is from October, I had that malware in late July, and this is the only account I can find with this email. I'm going to change the password, but according to Have I been Pwned, its not from a databreach that this password was leaked.
Looking at all of this, should I be concerned about it being a RAT and them having my webcam? Or am I just overthinking all of this? This could be from some other infection I've had on my main PC, or something else. It's been 6 months and nothing else has happened.
I'm sorry that I keep having to make posts about "I used to download malware to test online sandboxes", but I want to make sure. I've been stressed for 2 weeks about this.

I would like to point out that I suspect the file was ran in July, the password for this account was changed in August, but I did use this pc in October around the time of this email.

 

[Bot]

I understand that you're concerned about the possibility of having a Remote Access Trojan (RAT) installed on your laptop and it monitoring your webcam without your knowledge. It's important to address these concerns and take appropriate steps to ensure your security.

Firstly, it's good that you had ESET endpoint security installed on your laptop. This is a reputable antivirus program that should provide a good level of protection against malware. However, it's worth noting that no antivirus program can guarantee 100% protection, so it's still possible for some threats to slip through.

Regarding Liveguard, it's generally not recommended to test potentially malicious files or tools on your own system, as it can put your security at risk. However, if you had the "Block Execution of Files In Liveguard" option turned on and Liveguard reported the file as clean, it's less likely that it caused any harm.

Regarding the email you found, it's good that you're changing the password. Even if it's not from a known data breach, it's always a good practice to regularly update passwords and use strong, unique passwords for each account.

In terms of your concerns about a RAT and webcam monitoring, it's difficult to determine with certainty whether you have been compromised. However, there are steps you can take to mitigate the risk:

1. Run a full scan with your antivirus software to check for any potential threats.
2. Consider using additional security tools, such as anti-malware software, to perform a deeper scan of your system.
3. Keep all your software, including your operating system and applications, up to date with the latest security patches.
4. Be cautious when downloading files from untrusted sources and avoid running suspicious files or programs.
5. Cover your webcam when not in use to prevent unauthorized access.

It's important to remember that stress and anxiety can sometimes lead to overthinking and excessive worry. While it's good to be cautious about your security, it's also important to find a balance and not let it consume your thoughts. Taking the necessary precautions and staying vigilant should help alleviate some of your concerns.

If you continue to feel stressed or uncertain, it may be helpful to seek support from a trusted friend, family member, or even a professional who can provide guidance and reassurance.

 

[Stargazer_Steve]

You can try Autoruns program to check all startups and Portmaster to monitor every single incoming/outgoing connection.

I'd definitely change your password like you have done, reset security questions, ensure 2FA is enabled and that all other possible devices are forced to logged out. And depending on level of paranoia or concern, a clean HDD wipe and reinstall of OS on all devices, including mobile phones/anywhere you use to logon. (Probably overkill, but at least it may give peace of mind starting from a completely clean slate).

If you're going to test protection, best to do so whilst running a virtual machine; Youtube has some good tutorials on setting these up. But even on a virtual machine, don't use personal accounts/login to sites on the browser, unless it's a newly created account for testing purposes etc.

 

[Digmor Crusher]

You need to stick to one forum only for advice or else it gets messy. OP is getting help on the Malwarebytes forum.

 

[Xeno1234]

You can try Autoruns program to check all startups and Portmaster to monitor every single incoming/outgoing connection.

I'd definitely change your password like you have done, reset security questions, ensure 2FA is enabled and that all other possible devices are forced to logged out. And depending on level of paranoia or concern, a clean HDD wipe and reinstall of OS on all devices, including mobile phones/anywhere you use to logon. (Probably overkill, but at least it may give peace of mind starting from a completely clean slate).

If you're going to test protection, best to do so whilst running a virtual machine; Youtube has some good tutorials on setting these up. But even on a virtual machine, don't use personal accounts/login to sites on the browser, unless it's a newly created account for testing purposes etc.

I will check Netstat on my PC, and I have done a wipe of OS on laptop (although it was through windows, I dont have a usb sadly). I wont be testing malware anytime soon.
I'm not so much concerned about current infection, I've just been concerned about a hacker having video of me because I'm only 15.

 

[Xeno1234]

You need to stick to one forum only for advice or else it gets messy. OP is getting help on the Malwarebytes forum.

I'm only using the MBAM to ensure nothing is on my main computer, which they've verified is clean. I'm asking here about my other devices. I'll move everything to one forum soon though

 

[Digmor Crusher]

"I do want to get your opinion on one thing. On my older computers I’ve been concerned that I either ran some malicious js or html file and have been concerned about it being a RAT that’s had my webcam or something. A couple of months ago (3 months after I might have ran said files) I got a notification saying one of my google accounts had a suspicious sign on blocked.


Im really only concerned about the webcam Incase I did something weird. Am I overthinking this?"

You posted this a couple hours ago. It's really important to get malware removal advice from one forum only. Sorry to be a pain.

 

[Xeno1234]

"I do want to get your opinion on one thing. On my older computers I’ve been concerned that I either ran some malicious js or html file and have been concerned about it being a RAT that’s had my webcam or something. A couple of months ago (3 months after I might have ran said files) I got a notification saying one of my google accounts had a suspicious sign on blocked.


Im really only concerned about the webcam Incase I did something weird. Am I overthinking this?"

You posted this a couple hours ago. It's really important to get malware removal advice from one forum only. Sorry to be a pain.

Its fine. Ill try to end up the MBAM conversation until sunday so they can check my old Desktop.

 

[Stargazer_Steve]

I'd have thought it was better to get advice from multiple sources and viewpoints? Shared and collective knowledge is important, seems strange not to be able to ask for advice on different platforms..

 

[oldschool]

@Xeno1234 The malware removal forum will give you a definitive answer to all of your worries. Any further discussion would be fruitless due to all the various factors involved.

 

[Xeno1234]

@Xeno1234 The malware removal forum will give you a definitive answer to all of your worries. Any further discussion would be fruitless due to all the various factors involved.

I asked this only to know really "Should I be worried about a small chance I have a RAT on my system, and that it could have took video of me"

 

[oldschool]

I asked this only to know really "Should I be worried about a small chance I have a RAT on my system, and that it could have took video of me"

Hard to say. I'd try to take easy until you know more. I know, it sucks. I've got OCDC too, my friend!

 

[Xeno1234]

Hard to say. I'd try to take easy until you know more. I know, it sucks. I've got OCDC too, my friend!

Alright. Appreciate it. I think I’m in the good, so I’m just going to go about it worry free. It’s been 6 months with no signs of my fear becoming a reality.

 

[brambedkar59]

I have done a wipe of OS on laptop (although it was through windows, I dont have a usb sadly).

I won't trust an infected OS to clean itself, especially Windows device. For an Android phone, factory reset should be enough.
With MB forum you are in good hands, they helped cleaning my system almost 12 years ago.

 

[Xeno1234]

I won't trust an infected OS to clean itself, especially Windows device. For an Android phone, factory reset should be enough.
With MB forum you are in good hands, they helped cleaning my system almost 12 years ago.

I plan on buying a USB for my laptop and resetting it that way (im not even sure if its infected but I barely use it), but my old pc is either going to be USB reset, or will be disinfected through probably malwarebytes forums or here, then reset through windows as im giving it to my parents to use as I got a new desktop (which I have verified is 100% clean).

Im going to be taking a break from these cybersecurity/malware forums. I just need to take a step back and relax because I've been pararnoid about infection for the past 2-3 weeks, even when I have no proof and can distinctly remember me putting safeguards in place so I dont run a file, or get infected.
Appreciate you guys

 

[oldschool]

Im going to be taking a break from these cybersecurity/malware forums. I just need to take a step back and relax because I've been pararnoid about infection for the past 2-3 weeks, even when I have no proof and can distinctly remember me putting safeguards in place so I dont run a file, or get infected.

That's why I say "Stay safe, not paranoid".

 

[Xeno1234]

That's why I say "Stay safe, not paranoid".

I'm defininetally staying safe now. Never touching malware again, or until I might take cybersecurity classes in college.

 

[Victor M]

Backups are VERY IMPORTANT, especially drive image backups. Restoring from a known good drive image will save you a Lot of Work. Not willing to spend $15 on a 128 GB USB stick is plain ______.

 

[Xeno1234]

Backups are VERY IMPORTANT, especially drive image backups. Restoring from a known good drive image will save you a Lot of Work. Not willing to spend $15 on a 128 GB USB stick is plain ______.

What are good backup solutions for free?

 

[Digmor Crusher]

I'd have thought it was better to get advice from multiple sources and viewpoints? Shared and collective knowledge is important, seems strange not to be able to ask for advice on different platforms..

Nope, any forum that does malware removal will always say to get removal help from one forum only. You can get advice anywhere but if they are doing any malware removal with specific tools then only one forum is recommended.