Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected, antivirus's down


  • Please log in to reply
4 replies to this topic

#1 headspin

headspin

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:07 AM

Posted 13 March 2009 - 11:19 AM

My mbam and super anti spyware has stopped running.
I un-installed them and went to re-download them by my browser says the page is unavailable or timed out. Also im getting pop ups, prolly on accout to the anti virus being down.


im seeing the instruction at 0x75606eb5 refrenced memory at 0x00000008" the memory could not be read

Edited by headspin, 13 March 2009 - 11:55 AM.


BC AdBot (Login to Remove)

 


#2 headspin

headspin
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:07 AM

Posted 13 March 2009 - 11:59 AM

I just ran mbam, i had to re name it.
It found several trojans, and removed them. Now i am Un-able to update. It says im not connected to the internet. but i am . and i am unable to get access my c drive.
I went to put it in safe mode and run SDfix but it froze.
i also used atf cleaner after m bam scan.
heres the logs.
Malwarebytes' Anti-Malware 1.34
Database version: 1749
Windows 5.1.2600 Service Pack 3

3/13/2009 1:28:28 PM
mbam-log-2009-03-13 (13-28-28).txt

Scan type: Quick Scan
Objects scanned: 64238
Time elapsed: 2 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 10
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.65,85.255.112.230 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.65,85.255.112.230 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6b9e406a-298e-448f-84e7-273751dd7712}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.65,85.255.112.230 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6b9e406a-298e-448f-84e7-273751dd7712}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.65,85.255.112.230 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.65,85.255.112.230 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.65,85.255.112.230 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{6b9e406a-298e-448f-84e7-273751dd7712}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.65,85.255.112.230 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{6b9e406a-298e-448f-84e7-273751dd7712}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.65,85.255.112.230 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.62,85.255.112.231 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{6b9e406a-298e-448f-84e7-273751dd7712}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.62,85.255.112.231 -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\autorun.inf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\RECYCLER\S-4-9-94-100017038-100001123-100014033-6050.com (Trojan.Agent) -> Quarantined and deleted successfully.



any suggestions?

Edited by headspin, 13 March 2009 - 03:20 PM.


#3 headspin

headspin
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:07 AM

Posted 13 March 2009 - 03:43 PM

i just realized i have no sound also. i clicked on the sound icon, and i got" there are no active mixer devices available.."

#4 headspin

headspin
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:07 AM

Posted 13 March 2009 - 05:53 PM

Ive come to the conclusion the real problem is this dumb message the instruction at "0x75606eb5" refrenced memory at "0x00000008". The memory could not be "read"

I started in safe mode. ran avira, ran mal-ware bytes and the message only comes up when i try to use my a.i.m
I still have no sound eccept the beeps you here when something dosent register.
i have windows xp 2000 btw

Edited by headspin, 13 March 2009 - 06:13 PM.


#5 headspin

headspin
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:10:07 AM

Posted 17 March 2009 - 12:53 PM

any one have the same problem?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users