Win32:Malware-gen, Google search results redirect

I have just been pointed to a similar situation where CookieGal was working - so I have pinched a batch file from her to look at all associated registry entries.

Go to Start - Run and copy and paste the following:

regedit /e C:\look.txt "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services"

You won’t see anything happen and it will only take a second. You will find the report it creates at C:\look.txt. Please open it in Notepad and then zip it and upload the zipped file to MediaFire and post the sharing link.

http://www.mediafire.com/?s9ie4butuzzwu8c

Ta, will take me a while to run through this.

I did not have a Windows XP installation disc, but I have a friend who does. Could I use this disc to do a repair on the OS and fix the TCP/IP issue?

Yes you could run a repair install - details here http://www.geekstogo.com/forum/topic/138-how-to-repair-windows-xp/

It would definitely be faster… I am about halfway through decoding the hex files now ;D
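The export requested above is a REGEDIT5 text file in which string values such as a service's ImagePath often appear as hex(2) byte lists. This added example, which is not from any poster in the thread, decodes those values and lists each top-level service with its start type; the sample text and the service name ExampleDrv are constructed.

```python
import re

# Constructed sample in the REGEDIT5 text format that "regedit /e" writes;
# the service names and values are made up for illustration.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip]
"Start"=dword:00000001
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,74,00,63,00,70,00,69,00,\
  70,00,2e,00,73,00,79,00,73,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"Start"=dword:00000004

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ExampleDrv]
"Start"=dword:00000002
"ImagePath"="\\??\\C:\\WINDOWS\\system32\\drivers\\exampledrv.sys"
'''

KEY = re.compile(r"\[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\([^\\\]]+)\]$")
START = {0: "boot", 1: "system", 2: "auto", 3: "manual", 4: "disabled"}

def decode_value(raw):
    """Decode one .reg value: dword, hex(1)/hex(2) UTF-16LE string, or quoted string."""
    if raw.startswith("dword:"):
        return int(raw[6:], 16)
    m = re.match(r"hex\([12]\):(.*)", raw)
    if m:
        data = bytes(int(b, 16) for b in m.group(1).split(",") if b.strip())
        return data.decode("utf-16-le", errors="replace").rstrip("\x00")
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        return re.sub(r"\\(.)", r"\1", raw[1:-1])  # undo \\ and \" escapes
    return raw

def summarize(text):
    """Return sorted (service, start type, ImagePath) rows for top-level service keys."""
    text = re.sub(r"\\\r?\n[ \t]*", "", text)  # join hex continuation lines
    services, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("["):
            m = KEY.match(line)  # subkeys such as ...\Parameters do not match
            current = services.setdefault(m.group(1), {}) if m else None
            continue
        v = re.match(r'"(Start|ImagePath)"=(.*)$', line)
        if v and current is not None:
            current[v.group(1)] = decode_value(v.group(2))
    return sorted((n, START.get(s.get("Start"), "?"), s.get("ImagePath", ""))
                  for n, s in services.items())
```

For a real export, read C:\look.txt with `open(path, encoding="utf-16")` and pass the text to `summarize`; the UTF-16 encoding is an assumption based on how regedit writes Version 5.00 files.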

If I do perform a repair, and assuming it fixes my TCP/IP problem, what should I do immediately afterward in terms of scans or pulling updates from Microsoft?

I still have OTL, Malwarebytes, and the avast malware tool on the machine.

Thanks!

Prior to doing the repair, download the latest copy of your AV to the desktop.
After the repair and before you update the system, install said AV.
You will need to get the latest updates from MS; the number required will depend on the age of the CD.

Thanks. I should be able to do this tonight and I will report back with results.

You might give this “FixIT” a try since you are planning to do a repair installation. It has worked for me in the past. It will repair Winsock issues.

http://support.microsoft.com/kb/811259

Good ploy that - I have the entire centre installed on my system just in case
http://fileforum.betanews.com/detail/Microsoft-Fix-it-Center/1271432341/1

I guess a comment needs to be made about all these XP repair installs I see going on. The comment is they don’t always work, for the reason below. It is always best to do a repair install with an installation CD whose SP matches that which is installed. If your installation CD is pre-SP3 and your current XP installation on the PC is SP3, there could be problems.

I have seen a few comments in this forum to the effect that a SP3 upgrade CD from Microsoft will work for a repair installation of an existing SP3 installation. I think you can still download the .iso version from Microsoft and then create a bootable CD. I personally have never tried it.

From Michael Stevens' web page: http://michaelstevenstech.com/XPrepairinstall.htm

If you get a warning message: “Setup cannot continue because the version of Windows on your computer is newer than the version on the CD.”

You get this message when you use a pre-SP 1, SP2 XP CD on an XP installation that has been updated to SP1, SP2.

You have the options listed below.

1. Remove the SP 1, SP2 update if the option is available from Add/Remove.
2. Create a slipstreamed XP CD merging the SP1 or SP2 update.
2a. Autostreamer for creating a slipstreamed CD the easy way.
3. Purchase an XP CD with SP2 included.

I basically ran out of time to repair the system, so I managed to back up the data using a boot disk a friend gave me and completely reformatted and reinstalled Windows. I’m getting clear scans and no rootkits showing up during a boot scan.

EssexBoy, I appreciate all the help you offered and the time you put in.

Thanks for replying back.

BTW - all your efforts were well spent. Many experts including Microsoft recommend a full reformat and fresh install after a serious rootkit infection.