
This thread was archived. Please ask a new question if you need help.

I was hit by a slew of Java Script Exploits as well as Trojans this past week

  • 1 reply
  • 1 has this problem
  • 4 views
  • Last reply by dumdidadida


Hello:

On 7/10/2012, my desktop machine got hit by a slew of viruses and Trojans which, even though removed, are impacting the use of my computer. Information below.

First: 7/10/2012, Trojan win32/Tibs.IT, Severe Threat detected by Microsoft Security Essentials and quarantined.

Second: 7/11/2012 0332, Trojan Win32/Tibs.It, Severe Threat, ditto ditto ditto, and quarantined.

Third: 7/15/2012, ExploitJava/CVE-2012-0507.CG, SEVERE THREAT AND QUARANTINED BY MSE.

Fourth: 7/15/2012, Exploit:Java/CVE-2012-1723.F, SEVERE THREAT AND QUARANTINED BY MSE.

Since I have run Avast, it has not picked up on any of these in my system, but the damage seems to be done and I wonder how I can reverse it. If I were to do a system restore to before any of this ever happened, would I be able to fix my machine myself? I know that the registry has been corrupted and that Microsoft has an "autoruns" program that they charge 100 bucks to run. Do you know of any place where I could obtain a similar program so that I can do this myself? I do know that in "autoruns" the YELLOW registry items need to be deleted. That being said, can you help me please? I don't want to have to go through reformatting everything and starting all over :(. Days it takes and I end up losing a lot of stuff in the process. Thank you.

In addition, according to the Avast Internet Security report, look what sections of my computer are blocked or disabled from scanning.


Malwarebytes Anti-Malware (Trial) 1.62.0.1300 www.malwarebytes.org

Database version: v2012.07.22.03

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Georg :: GEORG2-PC [administrator]

Protection: Enabled

7/22/2012 04:54:59

mbam-log-2012-07-22 (04-54-59).txt

Scan type: Custom scan (C:\Users\Georg\Pictures\ME - Copy\ME\Picture 4.jpg|)

Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled: Memory | Startup | Registry | Heuristics/Extra

Objects scanned: 0

Time elapsed: 14 second(s)

Memory Processes Detected: 0 (No malicious items detected)

Memory Modules Detected: 0 (No malicious items detected)

Registry Keys Detected: 0 (No malicious items detected)

Registry Values Detected: 0 (No malicious items detected)

Registry Data Items Detected: 0 (No malicious items detected)

Folders Detected: 0 (No malicious items detected)

Files Detected: 0 (No malicious items detected)

(end)


Can anyone help me with this? This trojan is in my email and programs and causing havoc everywhere. So far, I see how it works by disabling the main sections of the computer that need to be scanned to get rid of it. How can I fix this?

Thanks.

geoff


All Replies (1)


Hi,

It would also be a good idea to post in a dedicated security forum. You can also post there regarding malware removal live USB/CDs which would be sufficient and useful in a lot of situations:

http://www.bleepingcomputer.com/forums/forum79.html

http://www.spywarewarrior.com/index.php

http://www.spywareinfoforum.com/

http://www.wilderssecurity.com/

Please also note that Autoruns is a free program.