Proxy Virus on XP Professional stand alone home system

[Ferne]

Help!!!, My ISP's out of town office hacked into my system and now I apparently have a Proxy Virus on my system. I need assistance to get rid of this problem. I can't get to the internet to begin with now as some of my files were removed as well. I basically have to do a clean install once I get rid of this virus, which I don't even know the name of or what to look for or where in XP Professional. Now if it was Win98SE or NT4.0, not a problem, but so many things are different in XP with Service Pack 2 that I feel I am only treading water and getting nowhere.

Originally got message missing iecont.dll and missing icontcl.dll. I didn't think that these files existed in XP. Maybe I am missing something??

I am presently at work, but have contacted all of my IT people that are still working in the industry that aren't burnt out (lol). But I figured I would still post a thread here too.

Any guru's with any information would be sooooo appreciated at this time. I will check my email while I am at work in the morning as it is almost quitting time (E.S.T.) for me.

Thanks in advance ppl

 

[Vigilante]

Found this forum as a quick search, maybe they have an idea

http://www.dbforums.com/t717306.html

It seems the two DLLs of yours may be part of the dotNetFramework 1.0 or whatever. Which it could be that those two DLLs are NOT needed, because updated versions have been installed.
Based on a skim of that post I would do this:

1) Download these programs:
Regsupreme - http://www.macecraft.com/downloads/RegSupreme_setup.exe

HiJackThis - http://www.merijn.org/files/hijackthis.zip

CrapCleaner - http://www.filehippo.com/download/Qi6RR0U86febzhqUrQQIBQ2/download.html

2) Go into Safe Mode (press F8 before windows loads on startup)

3) Turn off System Restore (right-click My Computer-Properties-System Restore)

4) Run Crap Cleaner, all defaults are fine, just clean.

5) Run Regsupreme Normal scan, fix everything it finds.

6) Run HiJackThis and create a Log, post it here.

We'll take it from there I guess.

Last question. Why do you think it was your ISP? Where did you see a proxy? What is telling you these things?

good luck

 

[Ferne]

Vigilante -Thanks

ISP is aware that someone has used their addresses to hack into a few systems on their network. They are providing me with the information and also givign me two months of free service for my aggravation. Again, thanks for the sites. This will definitely help me diagnose what is going on with my system.

 

[Ferne]

Update on Proxy Virus

Just wanted to say thanks to Vigilante. Passed on all the information that I had to my ISP and they traced it back to another computer using their IP addresses and now know what was put onto my computer. Sdbot.aay with some other code to make accessing ports 139, with some other malicious code to make my system act like a proxy server. It has been successfully removed and it is not due to my ignorance. Thank god I did have Zone alarm running to give me the information, and I won't have to trash my system, it takes me tooo long to get everything installed and running properly again.

Again thanks to Vigilante for all of your assistance, it is very much appreciated.