Tech Support Guy banner
  • Please post in our Community Feedback thread for help with the new forum software! If you are having trouble logging in, please Contact Us for assistance.
Status
Not open for further replies.
1 - 1 of 1 Posts

·
Registered
Joined
·
12 Posts
Discussion Starter · #1 ·
hi guys..... i'm really confused about this one. my isp called me today and told me they were deativating my account because my computer has a virus on it. i scanned my pc through housecall and it found 59 viruses. we deleted those, but the desktop is still screwed up. it changes color when i move the mouse around and icons take several clicks to activate. also, my computer tries to access the web when i'm not signed on (dial-up). i've run the programs recommended on this site (spybot, adaware, cleanup and a couple other things) to no resolve. can anybody help? thanks for reading. here's my hijack this log:

Logfile of HijackThis v1.99.1
Scan saved at 6:14:43 PM, on 6/17/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\ltmsg.exe
C:\WINDOWS\System32\tbctray.exe
C:\Program Files\CallWave\IAM.exe
C:\Program Files\Velocity.Net Accelerator\vn_accel.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\default\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5400
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>;127.0.0.1:5400;*windowsupdate.microsoft.com;*windowsupdate.com;download.microsoft.com;codecs.microsoft.com;activex.microsoft.com;liveupdate.symantecliveupdate.com;liveupdate.symantec.com;service1.symantec.com;*.nai.com;*.networkassociates.com;ar.atwola.com;ads.web.aol.com;VTOT.proxy.aol.com;ads.aol.com
O4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9
O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\System32\tbctray.exe
O4 - Global Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Velocity.Net Accelerator.lnk = C:\Program Files\Velocity.Net Accelerator\vn_accel.exe
O8 - Extra context menu item: Show All Original Images - res://C:\Program Files\Velocity.Net Accelerator\vn_accel.exe/250
O8 - Extra context menu item: Show Original Image - res://C:\Program Files\Velocity.Net Accelerator\vn_accel.exe/227
O16 - DPF: Yahoo! Chess - http://download.games.yahoo.com/games/clients/y/ct2_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/clients/y/tt2_x.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{725992C4-2EF6-4C4E-9EB8-E41CE9353F6F}: NameServer = 66.211.211.21 66.211.211.22
 
1 - 1 of 1 Posts
Status
Not open for further replies.
Top