I cleaned assorted trojans off the computer, but one issue remained. Browsing the web, and certain other network activities didn't work. I could ping websites, but couldn't browse to them with either IE or a freshly installed Firefox. AVG/Spybot/etc update would fail due to no connection. Sometimes there was a delay between boot and when network connectivity dropped, but it was never more than a minute or two. I was able to update AVG/Spybot/etc during this time, though the connection dropped out in the middle of an update download multiple times.
Event Viewer showed a tcpip error Event ID: 4226. MS knowledge base didn't say anything about this error. The text was " TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts."
I found the source of this error. Through msconfig, I found a service called "WinRep." I found it after hiding all MS services. This service did not show up in Task Manager. I disabled the service, rebooted and all network functionality returned. I re-enabled it, and the error returned.
I searched MS's knowledge base for winrep.exe. It's the filename of a win98 program used to report hardware information. Figuring WinRep.exe I found was some sort of malware, I did a google for "winrep spyware" which brought me here. I saw hijack this logs that showed WinRep.exe, but it was present in apparantly clean logs.
The date on the file was 6-14-05, so perhaps this is a new piece of malware? If this isn't new, can someone point me to some more information?
Thanks.
Sign In
Create Account
