Mayday, Mayday!!! SpyWare & Trojans!!!

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Tenners, Nov 7, 2004.

  1. Tenners

    Tenners Private E-2

    I am new here, and I feel as though you guys are the experts that can help me out.

    I'm running Microsoft's XP Home edition OS on a Dell Dimension 4500.

    My Internet Explorer is TOTALLY jacked!!! I can't even open a window withouth my computer freezing up on me. I'm using my cousin's computer here to send this post.

    Anyway, I've run Hijack This, Ad-Aware and Spybot Search and Destroy and these are my results.....

    With Spybot, I get a flag about some infected Registry Keys. Problems are from:
    1) "Trojan.KillAV" under the file name "dcvebs.exe" which I can't seem to locate even AFTER making ALL hidden files viewable.
    2) DSO Exploit. I edited one Reg Key already and it is still coming up in HKEY_USERS\S-1-5-21, 19, and 20
    3) "GoldePalace.Casino" also in my Registry.

    Is anyone out there familiar with these and if so, can you help me get rid of his nonsense?

    I believe SpyBot has an update to deal with that DSO Exploit...but what about the others??

    Thanks,
    T. :rolleyes:
     
    Tenners, Nov 7, 2004
    #1
  2. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    Major Attitude, Nov 7, 2004
    #2
  3. Tenners

    Tenners Private E-2

    Thanks for the help "Major Attitude,"

    But my problems don't allow me to get online using IE in the first place. I can't even get online to download FireFox.

    That means, I can't open this forum up on my own pc in order to get to those links you have there in that post. :rolleyes:

    By the way....I seem to be finding a lot of new problems everytime I run SpyBot. I ran it in safe mode...and found some other things.

    I'm hurt pretty bad man.

    Any other ideas???

    T.
     
    Tenners, Nov 7, 2004
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Get this update for Spybot: Spybot - Search and Destroy DSO Exploit Fix

    For the Trojan problem, press CTRL-ALT-DEL to bring up Task Manager and select processes.
    Look for this process: memore.exe
    If found, end it. And then see if you can delete c:\windows\memore.exe

    Also look in you HijackThis log for lines showing this file being load in
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

    and have HijackThis fix them.

    If you cannot do the above in normal boot mode, do it in safe mode.
     
    chaslang, Nov 8, 2004
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds