Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I think I have a worm that I am redistributing


  • Please log in to reply
No replies to this topic

#1 Lokimundane

Lokimundane

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 18 April 2010 - 11:33 AM

Hello everyone.

I have Windows xp running sp2 on a dualcore pentium 4 desktop with 4 gigs of ram.

The computer is usually plenty fast to handle any task I throw at it. Lately though the computer has been locking up.
I have actually taken it to my local computer repair shop ( who is usually great at fixing anything I heard ) and they have not corrected the problem at all.

Let me detail the problem for you.

The computer seems to be constantly lagging and freezes up occasionally.
I took a look at the system event viewer to see what it happening right before it freezes up and I see the same error.

The max number of tcp/ip connections has been reached.


Also I used security task manager to view my running processes and noticed that there are two instances of

termsrv32.dll


They are both located in the system32 folder.

Also everytime I reboot my computer the allow remote access is enabled
I disable each time I reboot the computer and it will reenable itself each time.

These are the steps that I have taken to correct the problem.


I have run
malware bytes ( has turned a nothing )
spybot ( turned up nothing )
estes online ( which turned up a few trojans once and quarantined them )


The system seems to run fine in safe mode.

The reason I think that I am broadcasting the worm is because of the the remote access being enabled each time, the tcp/ip error I am receiving and the multiple instances of termsrv32.dll

I'm on my last legs here. I don't own a windows disk but I am very close to doing a solid wipe on the computer just to address this problem, I don't want to lose all the data I have on the computer though.

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users