A bit complicated as well as possible general PC paranoia, so please bear with me:
Basically I was drunk awhile back and tooling around in a chat room that is frequented by the developers of certain popular open source fractal programs. Though I'm not a programmer myself I enjoy being around for the insight some of the conversations provide. I've spent time in the room before and security was the least of my concerns (plus I was drunk).
Anyways, the conversation drifted, and I found myself shooting the bleep with another member about PC specs and what not (I've spoken with him before without any strange occurrences). After admiring his rig, and asking for some tips on possibly getting an overclock without needing to install a new fan, the member asked if I wanted to see a cam of his rig. Being the extremely amateur PC enthusiast that I am, I was psyched to see his "room full of PC parts" as he put it. This was mistake #1, I didn't really know the person, but was bored and am considering building my own PC when I have the money next year.
So I click on the link, thinking it's just some streaming video, and completely without thinking, installed the plugin required to view the stream. Mistake #2, it was an ActiveX control. I've never heard anything good about these, even though I'm sure some do serve a legit purpose sometimes. Basically I guess I did a direct IP connection to his computer (yikes). Short of describing some possibly paranoid ideas, this is where it ends. He showed me some of the different setups he was working on, told me how he works in PC and Property Security (installing home security camera systems, fixing PCs etc) and I went to sleep. The next night, I joined the chatroom and him and another user were talking about how he lost some work last night from accidentally turning off his power strip, they both laughed then greeted me. It's a bit odd, as my power strip was off when I arrived home and had to flip the switch to turn it back on (I doubt it's possible for him to do it remotely, but my cleaning lady might have). Coincidence maybe....
The next day after this, (having already decided I should keep my internet unplugged unless I'm actively using it) a couple commonly used programs weren't working properly. I did a system restore, and they worked fine again, but I had to reinstall a few updates from Microsoft that protected against remote control and re-download my nVidia drivers, which took about 30 minutes to dl/install.
Ever since this event my internet seems to be a bit slower and is acting a bit funny. I also seem to get spyware and popups easier than before just from browsing the internet. Sometimes when I'm browsing the internet, I will click on a link and the text on the next page will be huge (as if I did ctrl+mouse scroll to zoom in even though I did not).
I'm paranoid that my PC's security may have been compromised by this fellow, he sure does possess the knowledge to hack someone's computer into oblivion though obviously I have no desire to smear someone's good name on the internet by shouting "j00 haxxed me!" (and also maybe piss him off regardless of whether or not he messed with my computer).
OS: Vista x64
Antivirus/Cleaning Software: Avg-Free & Defender running in tandem, Avast!, Ccleaner
All turn up negative or find just general low risk threats.
So here are my questions:
1. How likely do you think that my PC has been compromised based on the info/story given?
2. Will posting a Hijack-This log possibly help to detect any damage incurred by this guy or any other possible security issues acquired from shady websites, torrents etc?
2a. What are some other good free programs for scanning and getting rid of spyware, trojans and especially rootkits? (AVG free doesn't scan for rootkits)
3. How can I find out beyond a shadow of a doubt, that someone has true remote control over my system?
4. If I find out that someone does in fact have remote control of my PC through advice given for question 3, should I even bother trying to fix any breaches or should I just do a factory restore? This guy who may have hacked my PC probably did so thinking I wouldn't suspect anything was done.
5. My computer came with a partition with the factory restore information on it, I can't find the disks I made when I first got the PC so I would have to make them again. Should I use those or just request a new set of disks be sent from the company I bought my computer from? (Although I'm not sure if they can do that as my warranty is up) IE: If someone hacked my computer, do you think they messed with the partition too?
6. Would I need to request a new IP address from my ISP if steps 4 and 5 are taken to assure complete security?
I will readily admit that I'm a bit of a paranoid person, and some of my paranoia may cause me to be creating a problem out of thin air. Basically I just want to find out if my PC has rootkits, backdoors etc on it or anything else that gives someone remote control over my system. I don't mind general advertising related spyware (hell sometimes I've found out about new and/or neat products from internet advertising I may not have known about otherwise) but I absolutely deplore the idea of my computer being used for sending spam, storing hacker tools or any other disgusting things such as that. I rarely run my credit cards on my PC but it pisses me off thinking that someone could be using my PC for bad things.
Either way, it's about time I do a manual check of this PC, I've had it for about a year and have done little other than run my antivirus/ccleaner occasionally.
Thank you in advance for anyone who takes the time to read this convoluted story and help to get me started in checking for any security problems.
Edited by infx13, 04 September 2009 - 08:03 PM.