avg found a virus called downloader.tibs

I recently downloaded avg and it found several viruses. One of them include
the downloader.tibs virus. Can anyone help me to get rid of it or fix it? The
other viruses are java/byte verify & win32/pe patch. I also have worms and
trojans. They are I-worm/generic.AJK, (trojans) generic.Sdo,
downloader.gerneric.vsf, downloader.generic.ljz, downloader.generic.ncy &
downloader.generic.ejs. Can cnyone help with these as well. Thanks, Cori

From: "corij123" <corij123@discussions.microsoft.com>

| I recently downloaded avg and it found several viruses. One of them include
| the downloader.tibs virus. Can anyone help me to get rid of it or fix it? The
| other viruses are java/byte verify & win32/pe patch. I also have worms and
| trojans. They are I-worm/generic.AJK, (trojans) generic.Sdo,
| downloader.gerneric.vsf, downloader.generic.ljz, downloader.generic.ncy &
| downloader.generic.ejs. Can cnyone help with these as well. Thanks, Cori

Downloader.Tibs is a Trojan Downloader, not a virus.

If you are using any version of Sun Java that is prior to JRE Version 5.0 update 6,
then you are strongly urged to remove any/all versions that are prior to JRE/JSE
Version 5.0 update 6. There are vulnerabilities in them and they are actively being
exploited. It is possible that is how you got infected with malware.

Therefore, it is highly suggested that if there are any prior versions of Sun Java
to Version 5 update 6 on the PC that they be removed ASAP.

The latest version is Sun Java JRE/JSE Version 5.0 Update 9

Simple check, look under...
C:\Program Files\Java

The only folder under that folder should be the latest version.

Such as...
C:\Program Files\Java\jre1.5.0_09

http://www.java.com/en/download/manual.jsp

or

http://java.sun.com/javase/downloads/index.jsp

FYI:
http://sunsolve.sun.com/search/docum...=1-26-102557-1

1) Dump the contents of your IE cache -
Start --> settings --> control panel --> Internet options --> delete files

2) Dump the contents of the Mozilla FireFox Cache { if you use FireFox }
Tools --> Options --> Privacy --> Cache --> Clear

3) Dump the contents of your Sun Java cache -
Start --> settings --> control panel --> Java applet --> cache --> clear
or
Start --> settings --> control panel --> Java applet --> general --> settings -->
delete files

4) Re-scan your system using the following Multi AV Scanning Tool.


Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *




--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

corij123 wrote:

> I recently downloaded avg and it found several viruses. One of them
> include the downloader.tibs virus. Can anyone help me to get rid of it
> or fix it? The other viruses are java/byte verify & win32/pe patch. I
> also have worms and trojans. They are I-worm/generic.AJK, (trojans)
> generic.Sdo, downloader.gerneric.vsf, downloader.generic.ljz,
> downloader.generic.ncy & downloader.generic.ejs. Can cnyone help with
> these as well. Thanks, Cori

Go through the preparatory steps here:
http://www.elephantboycomputers.com/...moving_Malware

Then run Multi_AV:
http://www.ik-cs.com/multi-av.htm - how to use Dave Lipman's Multi-AV
http://www.ik-cs.com/programs/virtools/Multi_AV.exe - Multi-AV download
http://pcdid.com/Multi_AV.htm - additional Multi_AV instructions

Then run Ewido (see the first link I gave you above for details). Then
continue scanning for non-viral malware according to the instructions
at the first link above.

If the procedures look too complex - and there is no shame in admitting
this isn't your cup of tea - take the machine to a professional
computer repair shop (not your local version of BigStoreUSA).

Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User

David H. Lipman wrote:
> From: "corij123" <corij123@discussions.microsoft.com>
>
> | I recently downloaded avg and it found several viruses. One of them include
> | the downloader.tibs virus. Can anyone help me to get rid of it or fix it? The
> | other viruses are java/byte verify & win32/pe patch. I also have worms and
> | trojans. They are I-worm/generic.AJK, (trojans) generic.Sdo,
> | downloader.gerneric.vsf, downloader.generic.ljz, downloader.generic.ncy &
> | downloader.generic.ejs. Can cnyone help with these as well. Thanks, Cori
>
> Downloader.Tibs is a Trojan Downloader, not a virus.
>
> If you are using any version of Sun Java that is prior to JRE Version 5.0 update 6,
> then you are strongly urged to remove any/all versions that are prior to JRE/JSE
> Version 5.0 update 6. There are vulnerabilities in them and they are actively being
> exploited. It is possible that is how you got infected with malware.
>
> Therefore, it is highly suggested that if there are any prior versions of Sun Java
> to Version 5 update 6 on the PC that they be removed ASAP.
>
> The latest version is Sun Java JRE/JSE Version 5.0 Update 9
>
> Simple check, look under...
> C:\Program Files\Java
>
> The only folder under that folder should be the latest version.
>
> Such as...
> C:\Program Files\Java\jre1.5.0_09
>
> http://www.java.com/en/download/manual.jsp
>
> or
>
> http://java.sun.com/javase/downloads/index.jsp
>
> FYI:
> http://sunsolve.sun.com/search/docum...=1-26-102557-1
>
> 1) Dump the contents of your IE cache -
> Start --> settings --> control panel --> Internet options --> delete files
>
> 2) Dump the contents of the Mozilla FireFox Cache { if you use FireFox }
> Tools --> Options --> Privacy --> Cache --> Clear
>
> 3) Dump the contents of your Sun Java cache -
> Start --> settings --> control panel --> Java applet --> cache --> clear
> or
> Start --> settings --> control panel --> Java applet --> general --> settings -->
> delete files
>
> 4) Re-scan your system using the following Multi AV Scanning Tool.
>
>
> Download MULTI_AV.EXE from the URL --
> http://www.ik-cs.com/programs/virtools/Multi_AV.exe
>
> To use this utility, perform the following...
> Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
> Choose; Unzip
> Choose; Close
>
> Execute; C:\AV-CLS\StartMenu.BAT
> { or Double-click on 'Start Menu' in C:\AV-CLS }
>
> NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
> FireWall to allow it to download the needed AV vendor related files.
>
> C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
> This will bring up the initial menu of choices and should be executed in Normal Mode.
> This way all the components can be downloaded from each AV vendor's web site.
> The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.
>
> You can choose to go to each menu item and just download the needed files or you can
> download the files and perform a scan in Normal Mode. Once you have downloaded the files
> needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
> during boot] and re-run the menu again and choose which scanner you want to run in Safe
> Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.
>
> When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
> file. http://www.ik-cs.com/multi-av.htm
>
> Additional Instructions:
> http://pcdid.com/Multi_AV.htm
>
>
> * * * Please report back your results * * *
>
>
>
>

Wow, thanks David -- I still have version 8 on my computer and did not
realize that version 9 had come out -- Any idea when version 9 appeared
and thanks in advance --- I really appreciate it

--
Dan W.

Computer User

From: "Dan W." <spamyou@user.nec>


| Wow, thanks David -- I still have version 8 on my computer and did not
| realize that version 9 had come out -- Any idea when version 9 appeared
| and thanks in advance --- I really appreciate it
|

W/O notice, Sun Java v5 update 9 appeared at the end of last week.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

David H. Lipman wrote:
> From: "Dan W." <spamyou@user.nec>
>
>
> | Wow, thanks David -- I still have version 8 on my computer and did not
> | realize that version 9 had come out -- Any idea when version 9 appeared
> | and thanks in advance --- I really appreciate it
> |
>
> W/O notice, Sun Java v5 update 9 appeared at the end of last week.
>

Thanks David and more work in updating my systems at school. Thank you
for the information update. I do not know how I could manage without
your expertise on security matters.

--
Dan W.

Computer User

were you able to fix the problem and if so how?


"corij123" wrote:

> I recently downloaded avg and it found several viruses. One of them include
> the downloader.tibs virus. Can anyone help me to get rid of it or fix it? The
> other viruses are java/byte verify & win32/pe patch. I also have worms and
> trojans. They are I-worm/generic.AJK, (trojans) generic.Sdo,
> downloader.gerneric.vsf, downloader.generic.ljz, downloader.generic.ncy &
> downloader.generic.ejs. Can cnyone help with these as well. Thanks, Cori

were yiy able to fix the problem and if so how?

"corij123" wrote:

> I recently downloaded avg and it found several viruses. One of them include
> the downloader.tibs virus. Can anyone help me to get rid of it or fix it? The
> other viruses are java/byte verify & win32/pe patch. I also have worms and
> trojans. They are I-worm/generic.AJK, (trojans) generic.Sdo,
> downloader.gerneric.vsf, downloader.generic.ljz, downloader.generic.ncy &
> downloader.generic.ejs. Can cnyone help with these as well. Thanks, Cori

were you able to fix the problem and if so how?

"corij123" wrote:

> I recently downloaded avg and it found several viruses. One of them include
> the downloader.tibs virus. Can anyone help me to get rid of it or fix it? The
> other viruses are java/byte verify & win32/pe patch. I also have worms and
> trojans. They are I-worm/generic.AJK, (trojans) generic.Sdo,
> downloader.gerneric.vsf, downloader.generic.ljz, downloader.generic.ncy &
> downloader.generic.ejs. Can cnyone help with these as well. Thanks, Cori

I read several posts in this discussion thread which proved to be really
useful. AVG detected this virus (Java\Byte Verify) but it couldn't remove it.
So I looked around for a fix and I came upon your expert suggestions. I said
to myself, "If this works, I'll have to send this guy my thanks."

How do I uninstall Java? Everytime I try to delete the folder a dialog box
appears telling me that access is denied. You did suggest Java 5 has a lot of
vulnerabilities. Can you help me on this sir? Would that even be a good idea?
Or would upgrading to a newer version be better? If so, how can that be done?

Salamat kaayo (Thank you very much in Cebuano Dialect)! Maraming salamat po
(Thanks a lot in Tagalog)!

Rob

From: "Rob" <Rob@discussions.microsoft.com>

| I read several posts in this discussion thread which proved to be really
| useful. AVG detected this virus (Java\Byte Verify) but it couldn't remove it.
| So I looked around for a fix and I came upon your expert suggestions. I said
| to myself, "If this works, I'll have to send this guy my thanks."
|
| How do I uninstall Java? Everytime I try to delete the folder a dialog box
| appears telling me that access is denied. You did suggest Java 5 has a lot of
| vulnerabilities. Can you help me on this sir? Would that even be a good idea?
| Or would upgrading to a newer version be better? If so, how can that be done?
|
| Salamat kaayo (Thank you very much in Cebuano Dialect)! Maraming salamat po
| (Thanks a lot in Tagalog)!
|
| Rob

If you are using any version of Sun Java that is prior to JRE Version 5.0 update 9,
then you are strongly urged to remove any/all versions.
There are vulnerabilities in them and they are actively being exploited.

It is highly suggested that you update to the latest version which is Sun Java JRE/JSE
Version 5.0 Update 9

Simple check, look under...
C:\Program Files\Java

The only folder under that folder should be the latest version.

Such as...
C:\Program Files\Java\jre1.5.0_09

http://java.sun.com/javase/downloads/index.jsp

FYI:
http://sunsolve.sun.com/search/docum...=1-26-102557-1
http://sunsolve.sun.com/search/docum...=1-26-102648-1

1) Dump the contents of your IE cache -
Start --> settings --> control panel --> Internet options --> delete files

2) Dump the contents of the Mozilla FireFox Cache { if you use FireFox }
Tools --> Options --> Privacy --> Cache --> Clear

3) Dump the contents of your Sun Java cache -
Start --> settings --> control panel --> Java applet --> cache --> clear
or
Start --> settings --> control panel --> Java applet --> general --> settings -->
delete files

4) Re-scan your system using your anti virus software.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

thanks dave you are a genius may you have many happy days.
vek kev
"David H. Lipman" wrote:

> From: "Rob" <Rob@discussions.microsoft.com>
>
> | I read several posts in this discussion thread which proved to be really
> | useful. AVG detected this virus (Java\Byte Verify) but it couldn't remove it.
> | So I looked around for a fix and I came upon your expert suggestions. I said
> | to myself, "If this works, I'll have to send this guy my thanks."
> |
> | How do I uninstall Java? Everytime I try to delete the folder a dialog box
> | appears telling me that access is denied. You did suggest Java 5 has a lot of
> | vulnerabilities. Can you help me on this sir? Would that even be a good idea?
> | Or would upgrading to a newer version be better? If so, how can that be done?
> |
> | Salamat kaayo (Thank you very much in Cebuano Dialect)! Maraming salamat po
> | (Thanks a lot in Tagalog)!
> |
> | Rob
>
> If you are using any version of Sun Java that is prior to JRE Version 5.0 update 9,
> then you are strongly urged to remove any/all versions.
> There are vulnerabilities in them and they are actively being exploited.
>
> It is highly suggested that you update to the latest version which is Sun Java JRE/JSE
> Version 5.0 Update 9
>
> Simple check, look under...
> C:\Program Files\Java
>
> The only folder under that folder should be the latest version.
>
> Such as...
> C:\Program Files\Java\jre1.5.0_09
>
> http://java.sun.com/javase/downloads/index.jsp
>
> FYI:
> http://sunsolve.sun.com/search/docum...=1-26-102557-1
> http://sunsolve.sun.com/search/docum...=1-26-102648-1
>
> 1) Dump the contents of your IE cache -
> Start --> settings --> control panel --> Internet options --> delete files
>
> 2) Dump the contents of the Mozilla FireFox Cache { if you use FireFox }
> Tools --> Options --> Privacy --> Cache --> Clear
>
> 3) Dump the contents of your Sun Java cache -
> Start --> settings --> control panel --> Java applet --> cache --> clear
> or
> Start --> settings --> control panel --> Java applet --> general --> settings -->
> delete files
>
> 4) Re-scan your system using your anti virus software.
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>
>

From: "vek" <vek@discussions.microsoft.com>

|
| thanks dave you are a genius may you have many happy days.
| vek kev

I am glad I could help. Happy Holidays !

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm