Globalroot and Win32 trojan horse

OK lets try the winsockxp repair next - a bit more robust than the MS version

Download and run winsockxp fix from http://majorgeeks.com/download4372.html reboot and then try again

We tried this one earlier and it didn’t work. Tried it again, just in case, but still no result. I uninstall Avast to get rid of the flags…it worked ;D For some reason, it takes a while to start up, i can’t start a program for longer than usual, i’ll defrag to see if it change anything…

So with Avast uninstalled the internet works ?

SPRING CLEAN

Download TFC to your desktop

[*]Open the file and close any other windows.
[*]It will close all programs itself when run, make sure to let it run uninterrupted.
[*]Click the Start button to begin the process. The program should not take long to finish its job
[*]Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean

THEN

Download Flush Flash from Here and follow the easy to use instructions on the same page

NEXT

Download and run Puran Disc Defragmenter

I wish :frowning: No, it just stop the flags from driving me crazy… See, i though this was the hold up (flags would appear as the hour glass pointer would become the arrow), it was taking so long for the computer to be operational (able to use any programs) that i was hoping that by removing Avast that it would help (maybe files had been corrupted), but no… even after the clean up and defrag you suggested, it still takes longer than usual to be able to access any programs. I’m wondering if by using combofix prior to you “showing” up, some vital files might have been deleted inadvertently by inexpert me :frowning: if you still have some tricks up your sleeves, i’ll be happy to try them but if i’m beyond normal help, well…

I can never say thank you enough for you helping me get rid of the bad guy :slight_smile:

Thank you a zillion times :slight_smile: And big hugs from across the ocean :wink:

Straagal

Are you connecting via router ?

Please download SINO by Artellos.
[*]Save SINO to a place you can remember and run SINO.exe. (If you downloaded the ZIP version you will need to extract it first)
[*]Then please check the following checkboxes:

System Info Services Boot Check Tasklist Startup Items Event Log Ipconfig Ping Netstat Hosts file Shares Routing Table
[*]Once checked, hit the [b]Run Scan![/b] button and wait for the program to finish the scan. [*]A notepad window will pop up. Please copy all of the content into your next reply. Note: If you try to interact with the program once it’s started scanning it might appear to hang. The scan however will continue.

Both computers are via router, the laptop is wireless and the “sick” one by cable (i don’t think it makes a diff, but just in case).

Here’s the results:
Actually the message exceeded the lenght allowed, so i included the log

Thanks for not giving up on me :slight_smile:

I found this

Wired AutoConfig (Dot3svc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k dot3svc

Dot3Svc Wired Auto-Config Service. Background Windows XP SP3 Service which enables and manages wired network connections (ie. connections via network cable through a network port on a PC or laptop, through a network card, or PCMCIA LAN adapters). This service was introduced by Service Pack 3 for Windows XP (wired network connections were managed by the WZCSVC Wireless Zero Configuration Service under Windows XP SP2). Without this service your network cards/adapters will not show in Network Connections and you simply won't be able to connect to any network via network cable.

Go to Control Panel > Administrative Tools > Services
Locate Wired AutoConfig
Right click and select Properties
Set the start up type to Automatic
OK out
Reboot and then try the net

Forum is painfully slow

second screen shot

didn’t work :frowning: Could it be that the bug/trojan you fixed “fried” the internet card?

Not fried the internet card, it may just be a coincidence, although the card is suspect - but this is what sino showed that put me on that track. Do you have access to a wireless USB transmitter ?

Pinging to www.opendns.com There was a problem executing a ping to www.opendns.com This can be due to various reasons. Missing a DNS Server or Internet Connection are the biggest cause of this error.

Windows IP Configuration

An internal error occurred: The request is not supported.

Please contact Microsoft Product Support Services for further help.

Additional information: Unable to query host name.

Could you go start > run and copy/paste the bolded text below then press enter. Let me know what is displayed

ipconfig /all

Did it, a window pop up but disappear right away…!? Like… i did it a few times, trying to click the window before it disappear with no luck :-[ anyway to slow it down?

I think we may have to check the veracity of your files as that appeared to confirm the the relevant file is corrupt or missing

From the Start menu, select Run.
In the Open field, type sfc /scannow (Note: There is a space between sfc and /scannow)
Select the OK button.
Follow the prompts throughout the System File Checker process.
Reboot the computer when System File Checker completes.

Did so and the disk was required to replace/copy missing or corrupted files. :cry: Now the computer keeps restarting in a loop, the only way to do anything is to access safe mode. I’m saving all my files now (wish i had done that earlier…). I’m seriously thinking of formatting the drive and starting fresh since it seems pretty messed up from my tinkering prior to “meeting” with you, unless the virus/trojan wiped out necessary files. Anyway, let me know if you think of anything else, before i do the unreversible:)

I would recommend a fresh install as the corruption I am seeing may just be the tip of the iceberg

I do have a tutorial here that may assist http://www.geekstogo.com/forum/Reformat-Install-Windows-t173729.html

Hi Straagal
You say ‘Both computers are via router, the laptop is wireless and the “sick” one by cable…?’
Do you mean that the only problem computer that you have is the cable (network) computer? And otherwise, network was okay?

May help some for Services entry identified earlier - Wired AutoConfig (Dot3svc) - Stopped - if possible, was reset to Automatic and began as such with the whole network. So perhaps, need to adjust configuration utility (msconfig) and maybe router as well, I dunno, but just to sort the Dot3svc issue anyway.