steve1368

Thanks for the suggestions guys. Right now my HJT log is being analysed by AndyManchesta. Lets see what happens. Thanks again

I can safely say that I didn't visit crack/serial sites recently. I do download movie torrents ( I love movies ), and I only click on links from the sender I know off, if not it is a big NO NO for me. Now I'm gonna stop that too. Guess I was away too long from here, I didn't know MSAS ( Microsoft Anti-Spyware) is now known as Windows Defender. I have MSAS running at all times, wouldn't that cause any problems if both running together ? Anyway, just to inform everyone, I have scanned my system & came out with nothing, just wondering whether my comp security is compromised? Anything else I can do ?

I thought my computer security is pretty good. I mean I have Kaspersky,Ewido,cwshredder,spywareblaster,MSAS,ad-aware,spybot,analog script defender,ccleaner,outpost pro, D-link hardware firewall. I always use firefox , use ccleaner after use and regularly scan & clean my comp. But guess what ! I got hacked into my e-gold account, luckily only lost small change but I'm damn mad because someone got thru all my securities measures I have taken. The only think I can think of is this trojan I read about "Win32.Grams" , those who wanna read more , here is the link. http://www.lurhq.com/grams.html Now , I'm totally lost, you can never be too careful. Did some research, some suggested using VMware virtual desktop http://www.vmware.com/ and another suggested Faronics Deep-Freeze http://www.faronics.com/html/deepfreeze.asp I really hope someone can shed some light in this matter. I don't feel safe anymore, altho I've changed my passwords. Help me out guys before I go bonkers.

You're kidding aren't you. I'm one the guys who got interested in OP, and you guided me. Are you telling me I'm just one of the 3 persons who converted to OP.I'm truly surprised. I find OP a great software fw. In my experience it is much more better then ZA( which I've used ). I initially had some hiccups with OP, then I found out, that it was due to software conflict with my anti virus( I was using Avast, at that time ). Altho Avast was good but I liked OP , so switched my av to Kaspersky,which my nephew passed it to me.......it has been a smooth sail ever since. I'm no expert in firewalls, but with my Kaspersky,Ewido,CWshredder,MSAS,Spyware Blaster,AdAware SE, Spybot,CCleaner and D-Link router and several more progs, I think I'm pretty much protected. All this I learned from here. Thanks to Tarun, DJLizard, Lee16 , Twisted, Andavari and many more "senior" guys over here. I don't come here so often nowadays, but I try to pop in once in a while. Hope many more will test out OP Cheers

Its been a long time since I posted here I just saw this suggestion in another forum - to protect your pc from keyloggers One of the suggestion was to use this software http://www.snoopfree.com/ I didn't download it , since I believe I have enuf softwares to protect my pc, nevertheless I like to know if this is any better. Cheers !

Recently, I got it every time I scanned with spybot. First time I deleted it, but comes back again. So now, I just ignore it. Cheers

You mean you're 33 years "young" lady None of us are old over here. We are all young bunch of ppl ( I hope nobody disputes that ) Welcome to CCleaner Forum, incy wincy.

I was refering to commercial products like Nod32. I'm using Avast Home Edition, its free as you know. Just wanted to share with everyone that with a freeware anti virus and a good layering , you would be well protected ( not 100 % , but very well protected ) So, in summary, altho products like Nod32 has good ratings, you can still make do almost equally well with a decent freeware anti virus with proper layering.....sound familiar isn't it ? Yes it is, it's been told many times I guess, just that I found a link showing me figures in comparison with freeware and commercial product. That's all. Having said that, one persons test doesn't mean a lot , but it gives me a good idea the margin of difference between both. Cheers

Yep! What I thought was interesting was the % of security achieved with freeware softwares in comparison with commercial products AND choice of freeware product used in his findings. I'm sure a lot of us are following the above method. In my case, I don't know where I actually stand in terms of security compared to commercial products.....now I know

I found something interesting just now, regarding security measures. Title as follows:- "How Good are Free Security Programs? A multi-part series that examines the effectiveness of free security software." Some may have read it , some may have not, anyway those interested, check it out! http://www.techsupportalert.com/free-vs-paid-av.htm From the same writer of "The 46 Best Ever Freeware Utilities" . Cheers

Welcome aboard Sunshine. Hope you will enjoy learning like I do. Cheers

I guess , that means I can maintain my C: as it is.....compressed. Thanks

Well here is the breakdown C: Total size 19.1 , free space 12.3 GB D: Total size 19.1, free space 4.07 C is compressed.Besides the normal stuff, I have mp3 that is about 700 MB. I think this is OK. My concern is whether to uncompress C: . I compressed C: long time ago, when free space went as low as 2 GB. D: is low becos I have a lot of movies down there. , but this not compressed, so this not my current concern System : Intel® Pentium® 4 CPU 2.40Ghz , 768 Mb of RAM. Windows XP Pro Version 2002, SP2 So based on above system info, can you please explain what you mean in your second para. Thanks Cheers

Only 40 GB

When I hd was running short of space, I compressed by C: Now I have more space available., but continue to keep C: as compressed. I was told that it is not very good to keep C: compressed, as it is has to work harder when opening file, i.e. originally compressed , uncompress to open, compress again after use. So, is it true that it is bad for the pc? Cheers

Ha ha, you go "Commando" as you mentioned somewhere before. Well, I'll just remove the fw and check it out.

DjLizard, tried Autorun, no entries with "file not found" near them. BTW my pc has not shut off suddenly so far. My fw is still turned off, I wonder my fw got screwed up and gave such a problem?

Actually, the shut off time varied, some was very immediate,but all of it never made it into windows. I should have narrated better for clearer uderstanding, guess I didn't. I have applied Tarun's Anti Malware and his guide to keep my pc clean and I run them at least every 2 days, if not everyday. I'll try Autoruns at my pc later(my whole neighbourhood has a power failure & I'm writing from a pc in my sister's home). Will post updates later. Thank you very much. I guess you are new here and trying to help and you don't mean to be unfriendly. Sometimes, it will be good if you don't try to proof that you are right & others to be wrong......well just a thought, thanks for your help anyway.

Since I live in a different time zone, I didn't get any replies from anyone yesterday morning ( my time ). So, I managed to get a tech to check my pc, last night. After checking, he knows, what I meant shutting off in seconds after switching on. So, he went to safe mode, but the computer didn't shut off and still working. He did some other checking with my computer, which I don't know ( yesterday night I had some unexpected visitors, so I had to juggle my time with the tech & the visitors ). But I know he went to "msconfig" ( if I'm not wrong of the spelling) & saw something alien, that is some small "boxes" character. After removing the boxes the computer can work as usual. But the "boxes" came back again when he checked msconfig. His suspicion & he repeated that it is only a guess, that it could be a worm. He needs more through checking he said. The mobo looks OK by visual inspection. He doesn't suspect power supply anymore. After he left, I restarted the computer , boom...same thing happened again. But I restarted again the comp and it worked well without shuting off. So I quickly burned some important documents. At that time, I noted my software firewall was disabled and my comp is still working without shutting off by itself. I did a scan with ewido, nothing found. So I went to bed. This morning, I switched on the comp, still working properly, no shutting off in seconds. Again I noted my fw was disabled. Tonite, I'm going to remove the software fw and monitor the comp for anything else. Meanwhile, I'm going to learn from my nephew about reinstalling computers. If nothing happens, then it is OK, but if the damn thing happens again, I'm going to reinstall my comp. BTW, DickUpinya, take it easy. The guys over here are good fellas. Read as many posts you can, you'll understand what I mean. To me, when I'm in s**t , these guys help me out a lot. So I'm sticking here. Cheers. EDIT - Additional info : The fans are working. I've got 3x256 MB Kingston RAM. Out of which 2x256 MB RAM was installed 3 weeks ago. No problem on RAM so far. No beeps , no other sounds, no error message.

Last night my cpu just "shut off" by itself ( not proper shut down ). There was no power on the cpu. I checked and made sure all wires are intact. I didn't have any clue. Restarted the computer again. After about 30 minutes, same thing happened. That's it...... I went off & slept. This morning, it went off in seconds after switch on. This happened 3 times when I tried. The monitor is working fine. I changed the cables & tested in those times and even connected directly without using the ups...same result, on & switches off in seconds. I don't want to repeat further, fearing repeated on & off might damage something. I suspect some hardware problem. Anyone has any idea whats the problem & how to troubleshoot this one? Please advise in layman terms. Thanks

Removed it as per your suggestion. Thanks

Since I've been hit by bagle & backdoor recently, decided to post my HJT log for analysis. Thanks in advance. Logfile of HijackThis v1.99.1 Scan saved at 22:44:27, on 01/07/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Analog Devices\SoundMAX\Smtray.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\ewido\security suite\ewidoctrl.exe C:\WINDOWS\System32\nvsvc32.exe C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe C:\WINDOWS\system32\slserv.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Ares Lite Edition\Ares.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe C:\unzipped\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [Outpost Firewall] C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe /waitservice O9 - Extra button: Browser Adjustment - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll O16 - DPF: {2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.windowsecurity.com/trojanscan/TDECntrl.CAB O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...468/mcfscan.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{4F2A6F5F-8BAF-4972-ABC6-DA099E47B685}: NameServer = 202.188.0.133 202.188.1.5 O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Did that with avast & ewido.....nothing I'll post my new hijack this log in a new topic. Hopefully nothing nasty. Thanks

Thanks DjLizard

Did a manual check , both files still there. I have avast home resident scanner, msas & outpost pro running all the time. Is there anyway to check further to be really sure, or should I just post here my current HJT log for analysis.