So I have a Trojan horse virus Exploit:Java/CVE in my Toshiba laptop. I followed some instructions online and removed some registry files. But after I restarted my computer, it didn’t go away. I wonder if those removed registry files were important? Did I do anything wrong? Will that mess up my laptop? 

Exploit:Java/CVE Virus Definition

Exploit:Java/CVE, you may think this is an important program or file of Windows operating system. But it’s not. On the contrary, this is a very harmful Trojan horse virus detected by some famous anti-virus recently. If you are familiar with Trojan horse, you may know this similar one: Exploit:Java CVE-2012-0507.CG.  The name is almost the same as the latter, isn’t it. In fact, they belong to the same series Trojan horse virus. The name of this tiny Trojan horse is as ordinary as other Trojan horses; however, its damage power is not tiny at all.

Exploit:Java/CVE Virus can be everywhere when you open some advertisement pages or malicious websites. Hackers often hide this virus in some click icons such as files download buttons, play buttons and some irresistible pop-up windows. When you carelessly click these icons which are full of potential danger, it means that you make a condition for Exploit:Java/CVE to access your PC, though your real intention is not for this satanic stuff. The intelligent crafty Trojan once access your PC, it can be checkless in your computer and capriciously do anything as the prior designed goal of the program demands.

After your PCs get infected by Exploit:Java/CVE Trojan, it will firstly change the registry entry to make sure it can start automatically when windows start. The further means of its activity is to get away from the Fire Wall or antivirus programs. The most awful and destructive action of Exploit:Java/CVE is that it will start background downloading when it has its full swing without your notice and permission. The key point is that those downloaded files are all vicious programs, robber software and with useless even harmful information which can lead to your individual privacy revealed to evildoers that means you will suffer property loss and spiritual damages.

To have a better and easy way to fix your computer, you’d better contact an expert for help

Why Didn’t My Anti-virus Program Remove This Trojan Horse Virus?

This will be the first question you want to ask if you get this Trojan virus infection. As what you can see, Exploit:Java/CVE virus will give itself a name just like it’s one important file of Windows operating system. It just takes advantage of the vulnerabilities of the operating system and your anti-virus so that it can escape from scanning, much less than killing it. When this rootkit disguises as an important file of Windows operating system,  Windows Fire Wall or your anti-virus program will take it for a safe file and won’t kill it. Even if your anti-virus can distinguish it as a virus, the virus can make use of the vulnerabilities of your anti-virus so that it can’t be removed. No perfect anti-virus can remove all smart viruses.

Step-by-step Exploit:Java/CVE Virus Manual Removal Guide

In case that any mistake might occur and cause unpredictable damages during Exploit:Java/CVE virus removal, please spend some time on making a backup beforehand. Then follow these steps given as below:

1. Restart the infected computer and keep pressing F8 key before Windows launches; then use arrow keys to select and log in with Safe Mode with Networking;
2. Open Control Panel from Start menu and search for Folder Options;
3. Under View tab to tick Show hidden files and folders and non-tick Hide protected operating system files (Recommended) and then click OK;

4. Press Windows+R keys and then type regedit in Run box to open Registry Editor.

5. Delete all the following or those related to the following files.
%AppData%\[random].exe
%AppData%\result.db
%Windows%\system32\[random].exe
%Documents and Settings%\[UserName]\Application Data\[random]
%AllUsersProfile%\Application Data\.dll
%AllUsersProfile%\Application Data\.exe(random)

6. Delete all the following or those related to the following registry entries.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Regedit32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegedit” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Inspector”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net”
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\{ Random }
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\BROWonrRun

7. Restart the computer to normal mode when you have successfully removed Exploit:Java/CVE virus.

Similar Video on How to Modify or Change Windows Registry

Further more, please be careful when you try to remove Exploit:Java/CVE yourself. It’s not so easy for one person who is not familiar with the virus nor well trained in IT filed. The virus can change its name constantly which will make the removal work harder for you. If you don’t have much knowledge of Windows operating system, you almost can’t find it out from so large amounts of system files. And you’d better don’t try so called free software to get rid of this Trojan since the virus is well disguised that anti-virus may delete some system files erroneously. What’s more so called free software may be another cheater. You’d better to find an expert to help you remove this Exploit:Java/CVE.

Anyhow, a professional expert such as YooCare/YooSecurity PC Online Service can easily solve your problem and make you at ease.

Published by Leo R. Oscar & last updated on June 3, 2013 7:33 am

Leave a Reply