-Something pops up saying Yes or No to allow jucheck.exe to make changes or update something on my computer.
It is in a shield icon and for some reason 2 of them pop up. If I say "No" it closes then a new one opens.
I'm scared to press yes, is it a virus? What is jucheck.exejucheck.exe Added by the W32.Scrimge.O worm. W32.Scrimge.O is a worm that spreads through Microsoft instant messaging clients and opens a back door on the compromised computer.
http://www.bleepingcomputer.com/startups鈥?/a>
~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.microsoft.com/security/portal鈥?/a>
Download Malwarebytes鈥?Anti-Malware, or MBAM, and save it to your Desktop:
http://malwarebytes.org/
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to the following:
* Update Malwarebytes鈥?Anti-Malware
* Launch Malwarebytes鈥?Anti-Malware
* Then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* If it asks for a Restart DO SO, Very Important
Now please download SUPERAntiSpyware and save to Desktop
http://www.superantispyware.com/
* Once downloaded, close all programs and Windows on your computer, including this one.
* Double-click the icon on your desktop named SUPERAntiSpyware.exe. This will start the installation. Keep following the prompts in order to continue with the installation process.
* Please select your language you want the program to use and then press the OK
* You will now be prompted to update the SUPERAntiSpyware definitions. Please press the Yes button to allow the program to download and install the latest updates
* After the definitions are updated, the welcome screen for SUPERAntiSpyware will appear.
* When you get to the screen asking if you would like to send the diagnostics, you can choose to allow it to or not. Either choice will have no affect on the effectiveness of its malware scan. When you get to the last screen, click on the Finish button.
* You will now be prompted if you would like SAS to protect your home page. If you select the Protect Home page option, SUPERAntiSpyware will alert you if another program is trying to change your browser鈥檚 home page. Click Yes
* Then you will be at the main screen for SUPERAntiSpyware. Click the Preferences button, then Scanning Control tab, and put a checkmark in the following options
o Close browsers before scanning.
o Scan for tracking cookies.
* Now press the Close button to go back to the main screen.
* Click on the Scan your Computer鈥?button to begin the scanning process. You should select the Perform Complete Scan option and then press the Next button to start scanning your computer.
* When the scan is finished a screen will appear showing the summary of what was detected. You should click on the OK button to close the summary screen box and continue with the removal process.
* You should now click on the Next button to remove all the listed malware. If it displays a message stating that it needs to reboot, please press the Yes button to allow it to do so. VERY IMPORTANT to DO
* Click the Repair Tab after the restart if any issues still remain and SAS will atempt to fix them.
For further details see here
Basic Malware Removal Guide
http://vmsar.wordpress.com/basic-malware鈥?/a>It's malware with the same file name as java's update checker, if it was related to Java you would not get a pop-up asking for permission. Windows would already know it was a trusted program.
Don't allow it. It's really common for viruses and malware to have file names that are the same as legitimate Windows files or legitimate third party program files.
The fedex guy is right its not a virus or anything.I did this 3 days ago and Norton antivirus said it was fine...
没有评论:
发表评论