Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Jucheck.exe infected w/trojan


  • Please log in to reply
6 replies to this topic

#1 poetist

poetist

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 11 December 2011 - 11:56 PM

Anyway, I was minding my own business, but I got this XP Internet Security Alert.

It said it blocked jucheck.exe which is infected with torjan-BNK.Win32.keylogger.gen

It's all Greek to me, but I remember I had an issue with something called Win32.

To make a long story short, I went through Bleeping Computer's suggested list of AntiMalaware and Anti-Virus programs. I am supposedly downloading the programs, but when I click on them they do not run.

Help!!!

Edited by Orange Blossom, 12 December 2011 - 08:54 PM.
Moved to AII. ~ OB


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:04 AM

Posted 12 December 2011 - 01:23 AM

If your OS is xp

Right click on the security software

Select-Run as

Now uncheck protect my compouter against unauthorized activity option

Click ok

This should most probably make your security softwares run.

Good luck

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:04 AM

Posted 12 December 2011 - 08:24 AM

jucheck.exe is related to Sun Java UpdateChecker Module. It could be infected or that same name could be used by malware but run from a different location. However, if a Rogue Application like XP Internet Security is making the detection, then most likely it is a bogus (fake) alert. Win32 is the Windows API for 32-bit applications but it is often used in naming schemes for various types of malware.

-- Some types of malware will target Malwarebytes Anti-Malware and other security tools to keep them from running properly. If that's the case, please refer to the suggestions provided in For those having trouble running Malwarebytes Anti-Malware. Suggestions for renaming or changing the file extension can also be used for other security tools.

Some malware infections will alter file associations and registry keys corresponding to them so programs will not work properly. In order to get them working again this modification needs to be repaired. If none of the about works, then try this.

Please download one of the following tools by Farbar for your Operating system.

ExeFix.scr for Windows XP
ExeFix.reg for Vista/Windows 7

  • Save the file to a USB flash drive or to the root of the system drive (usually C:).[list]
  • Important! Boot your computer into the user account that is having trouble running exe files.
  • Double-click on the file you downloaded for your OS to run it.
  • You may need to reboot the computer or confirm the prompt to allow it to merge into the registry.

CAUTION: Some of these steps involve making changes in the Windows registry. Always Create a New Restore Point and back up your registry before making any changes. Vista/Windows 7 users can refer to these instructions. If you're not familiar with working in the registry, then you should NOT attempt to make any changes on your own. Improper changes to the registry could adversely affect your computer and render it inoperable. ERUNT or ERUNTgui is an excellent free tool that allows you to to take a snapshot (backup) of your registry before making changes and restore it when needed.

Note: ERUNT and NTREGOPT will only work correctly in Windows 7 and Vista if you turn off User Account Control (UAC) in Windows Control Panel.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 poetist

poetist
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 12 December 2011 - 10:21 PM

Narenxp, that didn't work.

Quietman, I went to the link for those having trouble with Anti-Malaware, and I changed the extension. It didn't work. I downloaded the Farbar tools. I was not or unable to save it to a USB. If I click save link, the infection notice would pop up.
I restarted the computer, and I got the same thing.

Moreover, I have tried to get on Word, and I get the message:
winword.exe is infected w/Trojan.BNK.win32.keylogger.gen

Special Note: I do not have XP Internet Security. I have AVG, so why is XP Internet Security notices pop up? Should I just buckle down and buy it, or is this some kind of ploy to get my credit card number?

Update: I figured out that I have this notorious XP Internet Security 2012 wammy.

Anyway, I able to download FixNCR, but I am still not able to download Malaware or RKill. I am able -- for the moment -- to use Word.

Help!!!

Edited by poetist, 13 December 2011 - 12:50 AM.


#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:04 AM

Posted 13 December 2011 - 07:29 AM

If you cannot use the Internet or download any required programs to the infected machine, try downloading them from another computer (family member, friend, library, etc) with an Internet connection. Save to a flash (usb, pen, thumb, jump) drive or CD, transfer to the infected machine, then install and run the program(s). If you cannot copy files to your usb drive, make sure it is not "Write Protected". Some flash drives have a switch on the side or on the back as shown here which could have accidentally been moved to write protect.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 poetist

poetist
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:04 AM

Posted 14 December 2011 - 01:51 AM

Okay, I'll try that tomorrow, thanks.

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:04 AM

Posted 14 December 2011 - 08:21 AM

Not a problem. Good luck.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users