Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I Infected Or Is This A Graphics Card Problem?


  • Please log in to reply
45 replies to this topic

#1 sandbombmoh

sandbombmoh

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:06:53 PM

Posted 21 September 2008 - 09:32 AM

About a week ago, I started receiving problems with my PC freezing after I installed a new graphics card. I posted about it in the hardware section as seen here http://www.bleepingcomputer.com/forums/ind...mp;#entry951697
But from this error message:

Warning 9/20/2008 9:42:22 PM Tcpip None 4226 N/A JENNY
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

a person has led me to believe that maybe I've been infected with something. It appears on the eventviewer logs everytime I check it after I freeze. Can someone help me?

BC AdBot (Login to Remove)

 


#2 sandbombmoh

sandbombmoh
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:06:53 PM

Posted 21 September 2008 - 09:33 AM

Also, from the research I've done, it might have something to do with me using bitcomet?

#3 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:11:53 AM

Posted 21 September 2008 - 09:50 AM

turn bitcomet off and check, if the warning ceases then you could override the sp2 tweak

http://www.speedguide.net/read_articles.php?id=1497

if you are still receiving the warning you might be infected

http://www.bleepingcomputer.com/forums/ind...mp;#entry944365

do a scan with MBAM
Chewy

No. Try not. Do... or do not. There is no try.

#4 sandbombmoh

sandbombmoh
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:06:53 PM

Posted 21 September 2008 - 11:59 AM

I tried closing down Bitcomet and playing a video game.
It still froze. and when I looked at the logs, nothing about the TCP/IP any more. I'm running a scan for malware now.
Btw, it mostly freezes while I'm playing a video game.

#5 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:11:53 AM

Posted 21 September 2008 - 12:14 PM

Well as is stated everyday here, P2P and infections(really bad ones) seem to go hand in hand. It's one of the most efficient ways for the bad guys to distribute their malware.
Chewy

No. Try not. Do... or do not. There is no try.

#6 Jonny Walker

Jonny Walker

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Utopia
  • Local time:10:53 AM

Posted 21 September 2008 - 03:22 PM

the possibility that a malware is creating problems with your graphics card is quite small
try uninstall the graphics card drivers and install the drivers provided with the graphics card....
if you PC still freeze update drivers (and close any FW or AV running during installation)

#7 sandbombmoh

sandbombmoh
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:06:53 PM

Posted 21 September 2008 - 03:53 PM

the PC still froze, even with Bitcomet Closed, no sign of the TCP/IP error though. I think it doesn't have to do with that warning. I Have run a scan with MBAM and removed 11 as shown below in the log. What should I do next?

Malwarebytes' Anti-Malware 1.28
Database version: 1186
Windows 5.1.2600 Service Pack 2

9/21/2008 11:40:40 PM
mbam-log-2008-09-21 (23-40-40).txt

Scan type: Full Scan (C:\|F:\|G:\|H:\|I:\|)
Objects scanned: 255253
Time elapsed: 2 hour(s), 56 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{977a494a-6aec-4555-9caf-fa6eb00acf91} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Downloads\WinRAR.v3.70.Incl.Keymaker.And.Patch-CORE_CRP\CORE10k.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
F:\Sony Sound Forge 8.0\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
H:\software\BitDefender Plus v10 + Keygen CORE + Patch\BitDefender Plus v10 + Keygen CORE + Patch\BitDefender Patch\CORE10k.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\user\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.

#8 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:11:53 AM

Posted 21 September 2008 - 04:14 PM

That looks like some leftovers from a definite infection and some of those P2P infectors

Let's try atf and SAS

Follow the direction exactly, they are complicated

http://www.bleepingcomputer.com/forums/ind...mp;#entry948894

After that run another quick scan with MBAM from normal mode
Chewy

No. Try not. Do... or do not. There is no try.

#9 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:11:53 AM

Posted 21 September 2008 - 04:17 PM

the possibility that a malware is creating problems with your graphics card is quite small
try uninstall the graphics card drivers and install the drivers provided with the graphics card....
if you PC still freeze update drivers (and close any FW or AV running during installation)


malware often messes with video drivers and display properties


sometimes just removing from device manager and rebooting fixes it, other times a full reload of the drivers

but first remove all malware

Edited by DaChew, 21 September 2008 - 04:17 PM.

Chewy

No. Try not. Do... or do not. There is no try.

#10 Jonny Walker

Jonny Walker

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Utopia
  • Local time:10:53 AM

Posted 21 September 2008 - 04:34 PM

malware often messes with video drivers and display properties


if u put malware into 4 subcategories (trojans , virus , worms , rootkits and spyware )
only virus could have the possibility to harm the graphic card and out of those 5 categories viruses have
the lowest spread rates. that why its so rare for a virus to harm the graphic card ... unless your that unlucky

does your pc freeze with every game or just that?

#11 sandbombmoh

sandbombmoh
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:06:53 PM

Posted 21 September 2008 - 06:42 PM

I haven't tried any other game on the system. I don't have any @_@

#12 sandbombmoh

sandbombmoh
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:06:53 PM

Posted 21 September 2008 - 06:55 PM

I followed the instructions on the page that was linked in Dachew's post. Logs are posted below. I also ran a quick scan with MBAM when i rebooted as I was instructed to by Chew (nothing came up thankfully).
Now what do I do?
@_@

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/22/2008 at 02:21 AM

Application Version : 4.21.1004

Core Rules Database Version : 3555
Trace Rules Database Version: 1543

Scan type : Complete Scan
Total Scan Time : 00:59:30

Memory items scanned : 180
Memory threats detected : 0
Registry items scanned : 5841
Registry threats detected : 0
File items scanned : 18113
File threats detected : 1

Trojan.Downloader-Gen/Kavo
C:\WINDOWS\SYSTEM32\AVPO.EXE

#13 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:11:53 AM

Posted 21 September 2008 - 07:20 PM

http://www.pcpitstop.com/pcpitstop/default.asp

run the full test

what are the games, your cpu and ram
Chewy

No. Try not. Do... or do not. There is no try.

#14 sandbombmoh

sandbombmoh
  • Topic Starter

  • Members
  • 77 posts
  • OFFLINE
  •  
  • Local time:06:53 PM

Posted 21 September 2008 - 08:03 PM

Should I make an account? or should I run the free tests without the account?

The game is Lost Planet. CPU- Pentium 4, 3.40 Ghz. Ram- 1GB. Graphics card- Geforce 7600GS, 512

#15 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:11:53 AM

Posted 21 September 2008 - 08:12 PM

I just registered, let them install the active x and have my email

The site was reccomended to me by an old jedi master

I don't endorse their for sale products, they are probably good tho.
Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users