Exploit:Java CVE Virus - Help needed please


#1 aseg299

Posted 23 October 2012 - 02:52 PM

Hello. This is my first post to Bleeping Computer and I hope someone can provide me with some advice regarding the Java CVE Virus. I'm not a tech whiz but I'm fairly competent so please bear with me. I've searched your forums and the web but I still don't know what action I should take. I believe my pc was/is infected and the virus seems to continue to reinfect since I got it about 10 days ago. I realize now that I had an outdated version of Java installed. I believe I used to use Java to log into a former employer's network. If that's the case then I haven't used it in about 2 years which is probably why I didn't receive any software update notices.

I have a Windows Vista Business pc and use Internet Explorer and MS Security Essentials. This happened pretty fast so I may not get all the details correct but this is what I recall. I was browsing the web when an unfamiliar window popped up. I believe it had a warning saying it was downloading something and I could see it running code(?). (Like you see when you're installing legitimate software or running a process.) If I recall, it appeared to be a security alert but it didn't look like a Sec. Essent. window so I didn't want to click on any of the options or X out of it because I thought in doing so I might "allow" the download. Instead I tried to access the task window and realized my mouse was affected (the click and right click buttons were reversed). I eventually was able to shut down using the Start button and I hoped this would kill the download. I didn't turn on the computer until the next day and when I did that window popped up again and continued to run the download as if it had never been interrupted. Since this happened I haven't been using that pc very much because I'm afraid of the exposure but I have used it somewhat and I've been running virus scans often. Almost each time I run a scan a new virus is found. Below are the items I've quarantined and removed (there may be a few more). I've uninstalled Java. My question is can I get rid of this virus for good and if so how? Thanks very much for your help!

Exploit:Java/CVE-2010-0840.AK
Exploit:Java/CVE-2012-1723.AGP
Trojan:Win32/Sirefef!cfg
Rogue:Win32/Winwebsec
TrojanDropper:Win32/Sirefef.gen!A
Trojan:Win32/Sirefef.BC
Exploit:Java/Blacole.GA
Exploit:Java/CVE-2012-1723.BTS
Exploit:Java/CVE-2012-1723.BTV
Exploit:Java/CVE-2012-1723.BTT

#2 Broni

Posted 23 October 2012 - 05:21 PM

Welcome aboard

It looks like ZeroAccess rootkit. It'll require elevated help.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
