5 Replies Latest reply on Dec 2, 2014 6:19 AM by catdaddy

    Exploit:Java/CVE

    jaykay1

      FAO catdaddy

       

      Unfortunately despite carefully following the suggested operations set out in your recent helpful mail, I still have the same problems identified when I run MSS, please see attached. Are you able to advise further please?

       

      Thanks

       

      JK

       

        • 1. Re: Exploit:Java/CVE
          catdaddy

          jaykay1,

                         Short of restoring back to a previous Restore Point, where you were not experiencing such, I would advise you to Run the latest McAfee Stinger (Read how to use) followed up by McAfee Rootkit remover (Read how to use). These Superb Tools can be obtained from the following Link: Anti-Spyware/Malware & Hijacker Tools

           

                         Keep in mind that should you revert back to an earlier Restore Point, make certain you are current with all Updates/Addons and to include Internet Explorer/McAfee as well. You can also seek assistance from the experts at Malwaretips, they are specialists in these cases. Malware Removal Assistance | MalwareTips.com

           

                           So far we have attempted to resolve your issue with Superb Free tools, should the case be that it cannot be resolved after exhausting every avenue, McAfee in itself has (Virus Removal Service as well) I would suggest following the additional suggestions above, and if all else fails... McAfee Virus Removal Service - Remove viruses, trojans, malware from your PC | McAfee

           

                        Please keep me apprised of your progress.

           

          Also, did you run the McAfee Getsusp Tool as suggested? And if so, did you receive a confirmation from McAfee Labs, with a (Work Item ID #)?

           

          Sincerely,

          Catdaddy

          McAfee Volunteer Moderator

          Consumer Products

          • 2. Re: Exploit:Java/CVE
            jaykay1

            Hi Catdaddy, many thanks for your continuing help. In response to your questions:

             

            1. I have already tried 'Restore' without success. However, please note that the 'restore dates' available were limited to only a few days, the earliest being 17th Nov when there was a 'critical update', even using the facility requesting earlier dates. I couldn't find a way to go back further.
            2. Stinger - I tried that several times before contacting McAfee Community, however, I didn't try the Rootkit remover. I'll now look to do so.
            3. Yes I did run McAfee Getsusp as indicated - Reference WorkitemID: 1515846
            4. I am aware of McAfee's professional virus removal service, but was hoping that I could action this myself. It seemed reasonable to think that this problem had been previously reported. If all else fails going to them will be my last resort.

             

            In going through the process you suggested, I did see quite a few threats removed from my laptop, which made me wonder what else I should be doing to keep safe other than just relying on McAfee Total Protection and would be interested to learn your views on this.

             

            Good talking with you and many thanks for your help.

             

            Kind regards

             

            JK

            • 3. Re: Exploit:Java/CVE
              catdaddy

              jaykay1,

                          I will have to keep this discussion short, as I am inundated with Family from out of Town/State, which in itself makes it difficult to concentrate on further suggestions. Having said this, I do have a couple more measures we can possibly try. Thank you for giving the (Work Item ID #) received from your Getsusp Scan.

               

                           There are a couple of other programs that, in certain instances, have been used in the past to remove difficult Entities/Entries. It surprises me that taking into consideration all of the Superb Malware Removal Tools we have thrown at this, your issue is not resolved?

               

                            I suggest for the time being that you run a (SFC/SCANNOW) under command prompt to check the integrity of all your Windows Updates. Also there was an Emergency Patch/Update released 11/24/2014 in addition to the one released on 11/14/2014 for Adobe Flash Player (15.0.0.239) for Internet Explorer.

               

                               As for taking safeguards against contracting exploits/malware, there are so many variables involved, being that Adobe Flash Player/Reader and Java are often targets for such occurrences. Simply visiting a seemingly legitimate website can initiate a malware process.

               

                                There is no one product that can be 100% in today's computing environment, Bar none.

               

                              I myself run McAfee Total Protection, and so far throughout all of the years (Knock on Wood) have yet to be compromised. I will give it the appropriate time for the (Work Item ID #) to be Processed/Analyzed by McAfee Labs. If you have not heard back from them, I will personally contact a McAfee Labs Technician/Engineer to quite possibly expedite the process.

               

                               During the meantime, I would recommend you Downloading/Installing the following: Autoruns for Windows

              Check and see if the here-in Program is listed in your (Auto-Start) configuration. As I mentioned early on in this post, I will be busy socializing/entertaining and of course "Over-Indulging" on Turkey/Ham and all the Dressings that we all have been fortunate to be blessed with.

               

                               During the interim, it may be the case that one of my knowledgeable colleagues could add to the discussion. I will get back with you again tomorrow and further address your issue, to the best of my knowledge. At this particular time, I hesitate to mention the (2) other programs to use, for it will involve the (Registry). I want to be capable of giving it my full attention, that it deserves.

               

                                 To better understand how this Entity may have arrived on your system, the following two articles are most informative: PUPs - Potentially Unwanted Programs - Basics

               

                                Until I respond, I wish you and your entire family a Happy/Enjoyable Thanksgiving. For we all have so very much to be thankful for.

               

              All the very Best

              Catdaddy

              McAfee Volunteer Moderator

              Consumer Products

              • 4. Re: Exploit:Java/CVE
                jaykay1

                Hi Catdaddy - hope you're well and haven't eaten too much turkey!

                 

                Here's a courtesy update on things. Following your last communication I contacted the 'tech wizards' at Malwaretips.com as you'd suggested and have been assisted by someone called 'TwinHeadedEagle'. He (assuming TwinHeadedEagle's a 'he') has also been very helpful. He asked me to download and run a number of scans that included:

                 

                • Malwarebytes Anti-Malware
                • Fix with AdwCleaner
                • Scan with Farbar Recovery Scan Tool

                After analysing the detailed scan results, he sent me a tailored 'fix' to download: This was in 2 parts:

                • Fix with Farbar Recovery Scan Tool

                adding that:

                This fix was created for this user for use on that particular machine.
                Running it on another one may cause damage and render the system unstable.

                 

                Download attached fixlist.txt file and save it to the Desktop:

                 

                Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

                 

                I have literally just completed a full scan using Microsoft Safety Scanner, which has been the only way I have known about this threat. It's returned a 'clean' scan so the three threats have been actioned and removed, which is great news and I'll report this to 'TwinHeadedEagle' after completing my mail to you.

                 

                Sincere thanks for all of your help and advice - it has been very much appreciated.

                 

                With best wishes

                 

                JK

                • 5. Re: Exploit:Java/CVE
                  catdaddy

                  @jaykay1,

                              Glad that all seems to be all sorted out. The Specialists at Malwaretips.com are indeed most efficient.

                  Since your issues, as you mentioned, are all sorted out, I will mark this thread as Answered. Should you feel the need to contact us in the future, please feel free to do so.

                   

                  Happy Holidays

                  All the best

                  Catdaddy

                  McAfee Community Moderator