Well, here is a strange request... a tech asking for help on his own computer. lol I think I basically just freaked out in this situation and panicked since it was my own computer and my own personal data at risk.
Here is the deal: my internet was super super slow at my office yesterday, so I called my ISP after doing a power cycle on the modem and router. They claimed all was good on their end but I had an unusual amount of outgoing traffic. I reached over and switched off my wireless card and he said, ok, it stopped. Uh-oh. I closed Firefox, Thunderbird and iTunes, reconnected to the router and he said the traffic going up was back. Weird. I have a little Windows 7 gadget to monitor network traffic on my desktop and I could see traffic both up and down, and my hard drive access light was blinking non-stop. Weird. I panicked. I have a couple TrueCrypt containers on my system with a lot of personal banking info. My CC#s, SS#s, bank, stock info etc. I have a very good, very long passphrase but I immediately started thinking about that data.
I have KAV running and it's showing nothing. I update MBAM and SAS and run them both. Nothing shows up. I open a packet sniffer and it's going nuts with data transferring up and down. I close it in 100% freak-out mode. In my haste (and I had other stuff I had to get done) I didn't even think to look at the outgoing IPs, it could have been nothing malicious, and I didn't even think to see how MUCH data was being uploaded. Duh. I know I'm an idiot but again, I was in a hurry.
I ran Kaspersky's TDSSKiller and it comes back clean. Process Explorer shows no unusual unverified processes running. HijackThis had one gopherprefix which I removed.
I then went to my TrueCrypt files and renamed the files. I let everything finish up scanning; again, nothing was found at all, besides the one thing I mentioned in HijackThis. I looked at the network monitor and the data upload traffic had stopped. It would sporadically show a little random upload traffic but not much. Today it's just sitting there on 0 traffic up and down most of the time unless I'm obviously doing something. But my pessimistic mind keeps telling me that something was uploading data from my system and it only "happened" to stop after I renamed the TrueCrypt files.
Guys, just be honest with me and tell me if I'm an idiot. lol I normally never have a problem determining if a machine is infected or second-guess my results, but for some reason I just started imagining all my personal info being uploaded and some crook having my passwords and opening up bank accounts in my name. lol It's not normally anything I even think twice about, since it's all TrueCrypt'ed, but it just really panicked me yesterday.
Thoughts? Do you think I'm clean? Should I just forget about it or run more scans since everything has shown up ok?