This just happened last week and I have not yet found a solution.
Apparently there is a new Java Updater Exploit. (as if there were not enough of them already)
It was not caught by AVAST nor Bit Defender or any other AV that the people who got it were using.
It may be by now but too little, too late.
Now I have to find a way to get rid of the BAD copy and replace it with a good one.
Sounds easy enough but if using a browser that is already infected it redirects you back to another infected copy.
The fact that the update was only 800kb you would think would have set off someone's alarms but most people (Just People)
never even look at that. If the site LOOKS real (and it did Very real). They just go for it.
Now I need a way to get them back to clean. Only when I ask Google for a "Clean copy of Java" you get 100 sites that offer to give you NOT clean copies.
If you go to JAVA, they try their best to install it JUST for you. Which may or may not be the best idea. But either way it isn't ME that has the problem.
If I send the link to the download to the people with the BAD copy, as soon as they enter it into their browser it is redirected to the Infected copy. and the cycle begins again.
except now they blame ME for giving it to them.
Any options would be appreciated.
Even if I just knew for 100% sure I could tell them to UNINSTALL Java and NEVER put it back.