I Got Pwned... Now What?

[Hideous_Hog]

I made a big mistake a couple of weeks ago. While installing WinXP on one of my home computers, I shared my full HD from my main computer to copy a bunch of files. Yes, I forgot to unshare it afterwords.

A couple of days ago I started to notice some funny stuff, like the cursor slowing down when I typed. I ran an antivirus and ADaware programs and found that I was badly infected with all sorts of stuff. "Back doors", viruses, you name it. I spent several hours running and rerunning the standard anti-virus programs, and they are all gone now. I have also changed all my passwords to sites that have sensitive information.

My question: Could there be anything more on my computer that I should be worried about? I am so paranoid that I am considering reformatting the HD because of this.


Opinions?

 

[ianbergman]

ouch.

one good tool to try is the netstat command line utility.

get to a command prompt, and type "netstat -a -o"

that will show you all the processes that are running that are using or listening to network ports. You can then compare the processor ID #s to those listed in the task manager (ctrl-alt-del) to make sure they're legit. usually if you're not sure, a quick google search will tell you.

I'd say there's a good chance you got yourself a custom bug somewhere, so especially look out for more internet traffic than you're expecting (use the network monitor in the task manager). Last time I saw something like this, one of my users had gotten herself a fascinating little piece of IRC-based malware that popped into IRC to get commands, and basically was using her (MY!!!) internet connection as an FTP host for some... let's just say less-than-legal video files.

 

[Nothinman]

My question: Could there be anything more on my computer that I should be worried about? I am so paranoid that I am considering reformatting the HD because of this.

Of course, you should format the thing and start over. It's the only way to be 100% sure you're clean.

 

[drag]

Originally posted by: Nothinman

My question: Could there be anything more on my computer that I should be worried about? I am so paranoid that I am considering reformatting the HD because of this.

Of course, you should format the thing and start over. It's the only way to be 100% sure you're clean.

Also think about the time your going to spend on fixing it. You gonna download 5-10 free utilites from anti-virus websites, your going to be checking out files, your going to be having to buy extra anti-virus stuff, and your going to be paranoid about it and have to be checking things out when your system breaks.

A reformat and a install takes how long?


Next time, get a router/firewall. They are cheap and software firewalls are a pain to deal with. You could build one if you wanted to, like most true geeks.

 

[n0cmonkey]

God I love open shares and hidden ftp servers.

 

[Hideous_Hog]

Thanks all for the replies.

Yes, I agree that a format is the only option to give me piece of mind. I will be planning soon the the old "lost weekend". Not as bad as it was in the past, but bad never the less.

 

[skace]

Originally posted by: n0cmonkey
God I love open shares and hidden ftp servers.

You must love my pc!