I have turned it off and you cannot recommend a thread without it.

HOWEVER TURN THE DAMN THING OFF!!!

It was trying to load a wireless something or the other and I am on a DSL connection!!

the Firefox extensions for Java?

Can't miss it, it's right after the bold red warning.

Clicking that should yield this:

I disabled Java in FF and I don't have it in Chrome extensions.

...whether you disable Java in the Control Panel (as described in my post #38) or not.

https://blog.mozilla.org/security/2013/01/11/protecting-users-against-java-vulnerability/

n/t

and badly.

says when she disables Java in FF and restarts FF it is enabled again.

WTH?

How I got rid of "it".

Somehow managed to connect to the net and download update to SuperAntiSpyWare and it found nine nasties .... got rid of them.

The went to system restore, date of last year -- nothing to really lose.

Rebooted and it works it works but ...
Why is it trying to update Adobe Acrobat?

is that all about?

I hope I didn't screw up my computer. I guess I won't know until I restart it

I had to retire my ThinkPad. I took my old one out made in 1998 if you can believe that.

It is a A20m with Windows 2000 on it.

I'm going to use this until we find out what this is as my desktop has Windows XP Pro on it as well -- so far so good with the Java disabled (NOT the Java script).

However, you cannot access many sites at all and gee I thought I needed to retire this old baby here. I guess not.

No sign of this one doing anything as it is not at risk. Good test computer I'm thinking.

I read the update of adobe was part of "it".

Patch to fix to come from Oracle I read.

fug.

I do books for a couple of small companies on mine ... I'm in the middle of backing up everything right now. I don't think I'll let it restart until I know what I've done or haven't done by letting it update.

but it will start up with the updating right away ...

I've put her away and did not allow it to grab that update again!!

Back 'er up good just in case!

I did some searching around and it seems Acrobat reader had a major security flaw too and it noticed a few days before this other thing broke, hence the dowload appearing. By all means DO download this fix for Adobe Acrobat Reader!!! Coincidence?

As for the ThinkPad, it now seems to be gone (after working on it for hours on end last night! ).

Windows update downloaded a security fix this a.m. for "January 2013". Maybe that download fixed my computer, I don't know but I'm not turning Java 7 back on until I find out for certain.

What a nightmare these past 24-hrs. have been!!

I think I'm going to go back to bed. I'm freaking exhausted!

I did a quick search on it last night and couldn't find anything, so let it restart, and everything's fine. I hope you get all your troubles worked out.

I was using the laptop earlier today for about 1 hour and left for the day.

Came back and restarted the whole thing from scratch and there it was.

My server didn't even know of it. When I told them what Homeland Security said re: it they freaked. Uh huh ...

Got a laptop with Windows 2000 on it? If you don't you too are at risk unless:

1. Using Firefox or Chrome.

Make sure Java is disabled in Firefox. Script ok to leave enabled is the word.

I just came back from running Spybot S&D; 37 tracking cookies, 36 of them associated with Google Chrome- a browser I almost never use for this very reason. Every time I check for spyware, it's all on Chrome.

I'll be running an actual virus scan later tonight (takes time & ties up the memory) and we'll see what it turns up.

I'm in the process of disabling Java on all my browsers now. So how did you know the thing was there?

It booted up and there was this bizarre thing about a wireless something or the other and the system was locked.

I could even use the trackpoint - no movement.

I'm on the laptop right now and YES it is VERSION 7 damn damn damn

My desktop has a different version.

Little baby old ThinkPad 15 years old A20m does not have Java on it. Gotcha there any freaking hackers!

I have a veeery old version (now disabled) I've been reading articles linked to the one in the OP, but so far I haven't found anything to suggest I'm any better off.

Overview: http://joe4security.blogspot.com/

Now how does one get rid of it. I've got 4 computers here, 3 w/XP PRO, 1 w/WINDOWS 2000 (no Java on this) and one had the Version 7 Java on it, my main machine btw and it is messed up badly.

I did this and actually said machine seems to be working ok expect Java 7 is disabled so I have limited abilities online for the time being until we are told that Java 7 is safe to use.

Have noted the desktop I am using now says that Java 6 is out-of-date and it wants me to upgrade to Java 7. I don't think I'll be doing that right away.

I be honest w/you I think this whole thing is a plot to get people with old computers which I have about 6 of, all but one works, to buy a new one.

I don't want Windows 8, it sounds like a nightmare VISTA clone perhaps. Windows 7 Professional or Ultimate might be great but I don't feel like forking out over a $1,000.00+ to upgrade everything. I'm sure that there are many in this same boat too.

Kind of angers me to say the least!

Thanks for your tip btw!

Are you using Windows XP?

What I was suggesting is that you do a "system recovery". I've always been able to find that. It usually is the other option besides "system restore". Go through your control panel again and see if you can navigate to system recovery. That will restore your computer to its original state, minus the bugs and viruses.

The Acer has a back-up of XP Pro but it came with Vista on it. It is a bit of a nightmare of a machine but hey, it works. ThinkPads have no back-up. System restore or else the old format c: /u in DOS and hopefully you have a new OS to load. If you don't you are sunk unless you pay some tech $80.00 an hr. to "fix" it if that is even a real possibly with a 10 year old laptop.

but the partition on the computer has XP installed for system recovery? The computer came from the factory that way? That doesn't make sense.

As far as the ThinkPad, sounds like you shut it down and then keep clicking f-11 as it's starting up. http://answers.yahoo.com/question/index?qid=20090830154456AAK3QAX

That is why it is so messed up! It doesn't have a partition. VISTA is GONE from it and XP can be reinstalled with the disks that came with it. However, it did not come with a copy of VISTA (not that I wanted it!).

I am frankly shocked that it still works and it is a horrid beast to reload! UGH.

Not sure the F11 thing works, depends on which ThinkPad I'm using (definitely does not work on the A20m). I think you end up in another world perhaps. (lol ...)

I didn't even know about Java being dangerous to my computer. I'm running Windows 7 and just upgraded Java 2 days ago.
Hope I didn't screw anything up, seems to be running fine, but Java now disabled.

* Should I do a scan? Does my anti-virus pick it up?

* How disable, go to Programs and do a "remove"?

* What are the signs that something is wrong? My machine/Windows 7 is acting slightly slow, customary sites (gossip/Gawker) almost wouldn't load, are sites like that more dangerous?

Thanks for any consideration.

Has your computer dowloaded anything this a.m.? A Windows security update?
Is it ON?

I got rid of it somehow seemingly after the update this a.m.

However, I also did all of the below:

Use SUPERAntiSpyware (get from download.com)

It will scan and find a bunch of stuff and you opt to remove/delete what it finds.

Also ran Avira AV which I could not even open/load until today after that Windows update came on.

You should be online only if you have Firefox/Chrome.

If Firefox:
GET the latest update of it - Top bar HELP ==> About Firefox ----> Check for Updates. I am running v. 18.

After all of this, be certain to TURN OFF JAVA 7 until further notice it seems. Some say it is ok to leave the Java 7 script on, others not. I have it OFF. Better safe than sorry.

This is done by Tools bar above. Go to Add-Ons.
click on plug-ins
DISABLE EVERYTHING THAT SAYS THE WORD JAVA ON IT - simple to do, on/off sort of thing.

and I see this too:

https://addons.mozilla.org/en-US/firefox/blocked/p186

It may want you to update Adobe Acrobat, you'll see it there with the other plug-ins asking to update. This is another FIX not part of the virus so you should do it - a security risk it is saying.

Better change all passwords that are critical is my advice on this (i.e. banks, etc. etc.).

Confused yet?

Seriously glad to help. No one needs to pay some ISP guy $300.00 to be rid of it!

Last edited Sat Jan 12, 2013, 11:52 PM - Edit history (1)

no Firefox no chrome. no downloads this a.m. there were fourteen windows t.other day. is this a one day thing. how come this isn't a hot topic all over the board

*****O.K., am on a keyboard now instead of pecking at the Kindle screen. Did a Search and read a couple of articles NBC tech/site (can't paste links). I'm getting the bottom line is not to use IE at all until Windows can issue a fix/patch. So this Kindle thing is android, right? So this is O.K.?

Went to the Search article that gave steps through Control Panel, but the instructions didn't match the windows that came up for the Java Control Panel ("Security tab, unclick the 'enable' box." All that showed up there was 'Certificates.'). I think the article said the disabling has to be done specifically for browsers through Registry or by each browser and that if witless dudes like me shouldn't do anything if we don't know what Registry is.

I did follow your info about going to download.com, saw the anti-spyware download. I think I'm going to stick to using the Kindle until things get patched up? Please let me know if the Kindle is included in the off-limits!1 Thanks!1

should be running anyway.

The upgrade is Java 7! *sigh*

Bottom line (according to these geeks giving out this info. is really this): Buy a new computer you loser with your 15 year old laptop and old machines that still work is the message I'm getting very loud and clear!

Soon few computers will work as Microsoft will stop supporting XP in Aug. of 2014. After that, we are on your own.

On edit: I have 2 old comptuers (1 desktop that I am using at the moment and one other older laptop besides the really old one with Windows 2000 on it with NO Java plugins on it at all!) that show Java 6 on them. This desktop is not that old, an ACER bought in 2008.

I have a registry cleaner that I use here:

http://www.eusing.com/free_registry_cleaner/registry_cleaner.htm

Simple enough and does the job!

I don't know what the "Kindle" thing is (??).

You are right though as I read the same. Only those using Firefox or Chrome can be online with Java 7 disabled. You have no business being online with IE right now. I don't use IE anyway, gave up on that one a long time ago (too many security risks as if this is any better eh?!).

not available in previous versions.

Below is what I believe is the easiest way to disable ALL Java plugins on Windows computers (credit Grinler site Owner/Admin @ Bleepingcomputer)
http://www.bleepingcomputer.com/forums/topic481462.html/page__view__findpost__p__2945754

Using a version of Java that is not Version 7 Update 10

1. Uninstall all versions of Java.
2. Download and install Version 7 Update 10 from the following locations depending on the bit-type of Windows:

Windows Offline (32-bit) http://javadl.sun.com/webapps/download/AutoDL?BundleId=71835
Windows Offline (64-bit) http://javadl.sun.com/webapps/download/AutoDL?BundleId=71837

3. Disable Java in your browsers by following these steps: http://www.java.com/en/download/help/disable_browser.xml

Java will now be disabled in your browsers. You must do this step for all users on Windows computers.


Currently using Version 7 Update 10

1. Disable Java in your browsers by following these steps: http://www.java.com/en/download/help/disable_browser.xml. Java will now be disabled in your browsers. You must do this step for all users on the Windows computer.

Using an 15 year old ThinkPad and whoa is she slow! 6 gb HD on it! Glad I have it nonetheless!

On a desktop now and disabled the Java 6 on it that is supposed to be upgraded to Java 7.

* I was able to REC threads here at DU.

* Haven't tried YouTubes yet

* Don't know about being able to respond to DU jury yet

I learned my computer is 64bit, so should I now install Java7 64bit and also DISABLE it until the fix is ready?

Java is a programming language and JavaScript is a scripting language. This page explains the difference: https://service.parachat.com/knowledgebase/79/What-are-the-differences-between-Java-and-JavaScript.html

Java FAQ: http://java.com/en/download/faq/whatis_java.xml

What will I get when I download Java software?

The Java Runtime Environment (JRE) is what you get when you download Java software. The JRE consists of the Java Virtual Machine (JVM), Java platform core classes, and supporting Java platform libraries. The JRE is the runtime portion of Java software, which is all you need to run it in your Web browser. When you download Java software, you only get what you need - no spyware, and no viruses.

What is put on as “the infection” is a matter of the payload chosen by the person(s) utilizing the exploit for this vulnerability. You can check and see if you’re vulnerable, but the only way to see if you’re infected is through the use of security software, Anti-Virus, Anti-Malware, etc. There's no accounting for zero day threats however.

From what I've read/heard thus far this vulnerability is mainly being used by exploit packs, which are crimeware tools made to be stitched into Web sites so that when visitors come to the site with vulnerable/outdated browser plugins (like this one), the site can silently install malware on the visitor’s PC. Exploit packs can be stitched into porn sites as well as legitimate sites. All it takes is for an attacker to be able to insert one line of code into a compromised site.

Typically when you’ve been a victim of a “drive by” like this, you will notice the effects; some will block access to security related web sites, like Symantec, Avast, Avira, Malwarebytes etc; they can disable features on the Windows system like Control Panel, Windows Update, Safe Mode, block/disable anti-virus, or anti-malware apps & scanners, block executables, hide your files/desktop...and much much more.

Possibly a Facebook acct. I was looking at (owner has a "history" of visiting sites that I do NOT go to) and/or believe it or not, an online support group which I just dropped out of the day before this happened luckily! *whew*

Isn't that a hell, an online support group?

Who needs one anyway when they've got the DU?

THANKS for your help!!

link to info. I use the paid version and that auto blocks the ransomware. They have a free version and help to remove the 'ransomware' if infected.

http://blog.malwarebytes.org/intelligence/2013/01/cta-unpatched-java-exploit-in-the-wild/

I'll try/run that one too just in case it is still there.

Difficult to know with Java disabled.

However, I think that download this a.m. got rid of it, the Windows update.

What is the goal of this we ask ourselves?

Goal was this which I almost fell for in the heat of last night:

BUY A NEW ONE WITH WIDOWS 7 PROFESSIONAL on it ...

Didn't do it as I just do not have money for that.

How much would this affect my browsing experience?