PC World Forums: MAJOR LEAGUE INFECTION - PC World Forums


MAJOR LEAGUE INFECTION

#21 Flashorn

  • Expert
  • Group: Members
  • Posts: 2,848
  • Joined: 19-May 07
  • Location:Canada

Posted 29 August 2008 - 06:16 AM

Hey coastie!!

Now, if it was in the System Restore, it would be advisable to delete the old restore points and create a new one starting now!!!

The other place I found that malware will hide is in the Java cache. It would be best not to keep any of those files on your PC from Java.

To do this, bring up the Java Control Panel. Go to "Control Panel" and double-click on the Java icon. This should bring up the control panel for Java.

Posted Image

On the General tab, at the bottom, you will see "Settings"; click on that. This is what will show:

Posted Image

First, you will click on "Delete Files" at the bottom. This is what will come up:

Posted Image

Click "OK". You have just cleared your temp files.

Next, you will un-check the "Keep temporary Files On My Computer" check box. You do not need a double of the malware in your Java cache where it will re-infect your PC.

Don't forget to click on "OK" and then on "Apply" and "OK" to finish the procedure.

FLASHORN.
0
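An added example, not part of the original post: before clearing the Java cache as described above, it can help to record what is in it, so anything odd can be hashed and checked with a scanner first. The folder layout and file names in `build_sample_cache` are constructed for illustration, and the real cache location is assumed to be the one shown in the Java Control Panel "Settings" dialog.

```python
import hashlib
import sys
import tempfile
from pathlib import Path

# Leading bytes that identify content regardless of the cache's opaque file names.
MAGIC = {
    b"PK\x03\x04": "jar/zip archive",
    b"\xca\xfe\xba\xbe": "java class",
    b"MZ": "windows executable",
}

def classify(head: bytes) -> str:
    for magic, label in MAGIC.items():
        if head.startswith(magic):
            return label
    return "other"

def inventory(cache_dir):
    """Return one record per cached file: relative path, size, kind, SHA-256."""
    root = Path(cache_dir)
    records = []
    for path in sorted(root.rglob("*")):
        if not path.is_file():
            continue
        data = path.read_bytes()
        records.append({
            "path": path.relative_to(root).as_posix(),
            "size": len(data),
            "kind": classify(data[:4]),
            "sha256": hashlib.sha256(data).hexdigest(),
        })
    return records

def build_sample_cache():
    """Constructed stand-in for a cache folder so the script runs offline."""
    root = Path(tempfile.mkdtemp(prefix="javacache_"))
    (root / "6.0" / "12").mkdir(parents=True)
    (root / "6.0" / "40").mkdir()
    (root / "6.0" / "12" / "4f2a1b0c-1d9e7a33").write_bytes(b"PK\x03\x04" + b"\x00" * 26)
    (root / "6.0" / "12" / "4f2a1b0c-1d9e7a33.idx").write_bytes(b"\x00\x00\x02\x5a idx")
    (root / "6.0" / "40" / "7e8d9c00-2b3a4c5d").write_bytes(b"MZ\x90\x00 not a jar")
    return root

if __name__ == "__main__":
    # Pass the cache location shown in the Java Control Panel "Settings" dialog.
    target = sys.argv[1] if len(sys.argv) > 1 else build_sample_cache()
    for rec in inventory(target):
        print(f'{rec["kind"]:<20}{rec["size"]:>9}  {rec["sha256"][:16]}  {rec["path"]}')
```

A cached file that starts with `MZ` is a Windows program rather than an applet archive, so it is the first thing to run past a scanner before the cache is deleted.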

#22 Adama

  • Veteran
  • Group: Members
  • Posts: 6,757
  • Joined: 07-September 07
  • Location:California

Posted 29 August 2008 - 11:01 AM

Hi Flash,

Wow - That's great info, my friend. We're sure fortunate to have you here at PCW.
0

#23 coastie65

  • Moderator
  • Group: Moderators
  • Posts: 10,334
  • Joined: 02-April 07
  • Location:Richmond Va.

Posted 29 August 2008 - 11:32 AM

Hey Flashorn, I'm getting ready to head out to the Outer Banks of North Carolina for a weekend-long bachelor party for the son of a friend of mine. I have already deleted the restore files, as they didn't work anyway (probably due to the infection). I haven't created a new one, although Windows may have. The Java files were specifically scanned several times, but I will probably delete them and reinstall, no big deal there. Anyway, I think I've pretty much got the mess cleaned up, but am still keeping a close eye on things to be sure. You know, this thing was running pretty good before the infection, but I swear it seems to be running even better now, missing files (this I'm aware of) and all. I'll probably take care of the Java thing when I get back as well as maybe a system repair from the installation disk. coastie
0

#24 Flashorn

  • Expert
  • Group: Members
  • Posts: 2,848
  • Joined: 19-May 07
  • Location:Canada

Posted 29 August 2008 - 02:00 PM

Hey coastie!!

Yeah, Java is not a rush thing, but it would be nice if you got around to it. I would be gone for the weekend too if I didn't have any pop left to drink. LOL!

I hope you have a good weekend with your friends, coastie!!

FLASHORN.
0

#25 mjd420nova

  • Expert
  • Group: Members
  • Posts: 1,516
  • Joined: 05-August 06
  • Location:Fremont, California

Posted 29 August 2008 - 02:16 PM

Rgreen hit on the sure cure remedy for these infections. Backups are so very important and can bring a smile to my face when the user smiles and hands me a disk(s) and says "go for it". I do a weekly backup of all my home systems so I'm ready but 95 percent of users don't and they wind up with a big frown. Now the Flash BIOS type of trojan/worms are another story and take a bit of hardware correction to stop them. Registry infections are manifest and evident when regular cleaning won't get rid of them and some are smart enough to even lock the users from making any changes, kind of like self protection. Firewalls, adblockers and virus checkers are nice but the hackers have increased their approaches such that they know how to get around them. No website is safe from being hijacked and so far I know of no way to protect yourself from that approach, except for keeping an up to date backup available. The other important thing is that you keep two backups, one the most recent and another a week older, as I've seen some users who only have one and it has turned out to be infected too.
0

#26 coastie65

  • Moderator
  • Group: Moderators
  • Posts: 10,334
  • Joined: 02-April 07
  • Location:Richmond Va.

Posted 12 September 2008 - 06:40 AM

Hi All, I thought I would give you an update. I just ran two scans. One with Spysweeper and the other with SUPERantispyware after an update. Spysweeper produced the usual cookies and no biggies. When I ran SUPERantispyware, it came up with the usual cookies as well as an unknown trojan that was in my restore files. That having been said, I have had some trouble with that and I guess that explains why. Anyway, I was unable to move to the chest. It did remove it when I got to that function. Just to be on the safe side, I have deleted ALL restore points and will reset a new restore point. I think that was one I was aware of and had forgotten about. I'm going to run a second scan to check things out. coastie65
0

#27 rgreen4

  • Moderator
  • Group: Moderators
  • Posts: 7,722
  • Joined: 22-October 06
  • Location:S. Georgia

Posted 12 September 2008 - 06:59 AM

That thing has really given you fits. I think this evening will be a good time for me to update my clones. I have SAS set to run each morning. Interestingly, my Vista machine usually comes up clean, but my XP machine always has 2-4 things to quarantine and remove.
0

#28 Flashorn

  • Expert
  • Group: Members
  • Posts: 2,848
  • Joined: 19-May 07
  • Location:Canada

Posted 12 September 2008 - 07:13 AM

Hey coastie!!

Did you do the Java thing??? They have a tendency of hiding in there as well. That's why they keep coming back. Re-run MalwareBytes and don't forget your AV. Also, an AntiRoot scan would not hurt. This is the one I usually use:

F-Secure BlackLight

Downloads
  • BlackLight (ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe) – Rootkit Detection and Elimination Tool
  • Removal Tools

F-Secure BlackLight is one of four best tested by AV-Test

Coastie, if you are to use BlackLight, make sure it has time to do a complete scan. Don't stop it midway. This will ensure that your system is free of rootkits. Only use the "Removal Tool" after you have researched anything that BlackLight comes up with. I have yet to find a rootkit, so I haven't used the Removal Tool. The scan on XP and Vista took about 12 to 18 minutes to finish depending on the size of your HDD.

FLASHORN.
0

#29 coastie65

  • Moderator
  • Group: Moderators
  • Posts: 10,334
  • Joined: 02-April 07
  • Location:Richmond Va.

Posted 12 September 2008 - 07:25 AM

Hey rg, The second scan came up negative except for three tracking cookies. I actually knew about that one but had forgotten it. Yeah, I'm chasing all sorts of stuff in here at the moment. My scan disk function is useless as there are no repair files to fix things. I'll get around to popping the Installation disk in here and do a repair of the OS sometime I guess. :D . I believe the missing files situation is due to some overzealous cleaning on my part. coastie
0

#30 coastie65

  • Moderator
  • Group: Moderators
  • Posts: 10,334
  • Joined: 02-April 07
  • Location:Richmond Va.

Posted 12 September 2008 - 08:05 AM

Hey Flashorn, I completely forgot about Java. I was going to uninstall it and then reinstall, but got sidetracked. Interestingly enough, SUPERantispyware added a rootkit thing in their latest update. But will try the other as well. I definitely have a lot to do with this thing, like fixing this "Part Time" optical drive and getting the printer and camera apps back in here. No big problem, just a nuisance mostly. I can print and scan at the most basic level using the Windows stuff. Overall it is running fine and snappy, so I guess I shouldn't complain too much as nothing of a radical nature is required. Yesterday, I worked with the HP stuff, but as usual, I failed to completely uninstall everything and clean the stuff out before doing a reinstall, so you can imagine how that went. Anyway, we'll be checking out the anti-rootkit thing as well, as making sure this thing is clean is my #1 priority and the nuisances can be taken care of in time. coastie
0
