# Windows disaster - need advice

1. Nov 20, 2004

### Gokul43201

Staff Emeritus
My computer's (750 MHz Dell running Win 2K ) unable to connect to the internet, and has a couple of worms (W32.Swen.A@mm and W32.sdbot.worm.gen) wrecking it. The following are some of the error messages/problems that I've discovered :

1. Windows Task Manger shows two occurances of a process named svchost.exe. One of these is taking up 99% of the CPU.

2. Event Viewer had this error : Source = IPRIP. Description = "IPRIP was unable to create a socket for address 169.254.13.27" (is this some default Windows ip address ?). There was also the following warning : Source = DHCP. Description = "Your computer was not able to renew its address from the network for the network card with network address . The following error occurred : The semaphore timeout period has expired. Your computer will continue to try and obtain an address on its own from the DHCP server."

3. Command Prompt : trying "ipconfig /renew" gave me the following error message : "An operation was attempted on something that is not a socket."

So what is your diagnosis of the situation ? What really has happened, and what is the extent of damage ? And what should I do about it ?

Is my TCPIP stack screwed ? Should I reconfigure TCPIP (followed by deworming, of course) ? Should I format HD ? What is the least destructive means of remedying my malady ?

Thanks all !

Last edited: Nov 20, 2004
2. Nov 20, 2004

### dduardo

Staff Emeritus
Just format and reinstall. Once you've got your computer up and running make a backup of the partition. If something else goes wrong later you'll just have to recopy the partition back on instead of wasting time going through the install process.

3. Nov 20, 2004

### Epoch1

From your desciption it sounds as ther has been corruption to your NIC and its driver setting. Rather than reformatting i would suggest trying the following.
Open the device manager and simply remove any devices listed in the network controllers section. When asked to restart say no and do a complete shutdown of the PC. Wait 10 secs and then reboot. Windows should detect the card with a new copy of the driver set to the original defaults. If you are using a router or hub disconnect the PC from any of them. Just unplug the network cable from the NIC card before you boot up to prevent any suspicious services from accessing any network resources

10 years as a PC and network support technician, thats what I woud try first.