Internet sharing configuration

Discussion in 'Malware Help (A Specialist Will Reply)' started by Gentoo, May 9, 2005.

  1. Gentoo

    Gentoo Private E-2

    Hey Guys,

    I'm new here and this is my first post on the forum so please bear with me. I'm having the following issue whereby once in a blue moon i'll get prompt from this irritating box. Below are the attached image...

    http://img.photobucket.com/albums/v174/olivero/prompt.jpg

    Suspecting that it could be spyware i did a run on my system using ad-aware, it did detected some spyware and have it remove but the problem still occurs. I used to be on the alert for virus, spyware etc, so i always update my AV and spyware removal and previous use to install Za firewall but after switching to a router i remove Za as there's a built in firewall in the router. FYI i run a scan with hijackthis and comes out with a couple of files but i've no idea which is needed and which is not which is why i posted here and hope someone could help me, TIA! ;)
     
    Gentoo, May 9, 2005
    #1
  2. Gentoo

    Gentoo Private E-2

    No one knew anything about this?? :eek:
     
    Gentoo, May 9, 2005
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    We really do not have enough info to go on. First I would have kept the software firewall (like ZA). They are more flexibly and give you more control. It may even have given you more information about this. Are you using XP SP2? If not, what OS do you have. If you believe there is a possible malware problem here, complete the steps below.


    - Run ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal Make sure you check version numbers and get all updates.

    - Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


    After doing ALL of the above you still have a problem:

    - Download HijackThis 1.99.1

    - Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    - Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

    - Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

    - Run HijackThis and save your log file.

    - Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).
     
    chaslang, May 9, 2005
    #3
  4. Gentoo

    Gentoo Private E-2

    Thanks for replying, i've read through the link which you attached>>

    Network Security, Workstation Netlogon Services & Remote Procedure Call (RPC) Helper (Windows XP, 2K, NT); Only do this step if you have the about:blank or home search hijack. You need to check to see if any of the following three Windows services are running:
    Network Security Service
    Workstation Netlogon Service
    Remote Procedure Call (RPC) Helper

    There isn't network security or workstation netlogon services but there's two Remote procedure call, one is known as Remote procedure call locator and the
    other is just Remote procedure call. There's also a program known as workstation, wondering is it the same as workstation netlogon service? (it shows the name as lanman workstation) In the end i run hijackthis again and comes out with a couple of files, the following are the logfiles of hijackthis, hope you can help me out.

    etwork Security, Workstation Netlogon Services & Remote Procedure Call (RPC) Helper (Windows XP, 2K, NT); Only do this step if you have the about:blank or home search hijack. You need to check to see if any of the following three Windows services are running:
    Network Security Service
    Workstation Netlogon Service
    Remote Procedure Call (RPC) Helper

    Edit by chaslang: Inline log removed
     
    Last edited by a moderator: May 10, 2005
    Gentoo, May 9, 2005
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please read the directions I gave for HijackThis again more closely. You did not follow any of those steps.
    Step 2 of the READ ME FIRST specifically states:
    Only do this step if you have the about:blank or home search hijack.

    You do not have an about:blank or home search hijack so you should be skipping this step.

    Further step 2 stated:
    look for exactly the following service names (no others)

    Since you did not see the exact service names, again you should be skipping the step even if you did have a hijack.

    There were no malware issues in your log but you could have HijackThis fix the below line:
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

    You problem is not a malware issue and you would be better off asking questions on it in the Software Forum. However, please note your OS and IE versions are seriously out of date and represent a major security risk. You should run the steps in the below link the first of which is to go to Windows Update:

    How to Protect yourself from malware!
     
    Last edited: May 10, 2005
    chaslang, May 10, 2005
    #5

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds