Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Java virus or desktop image virus, or something else?


  • Please log in to reply
No replies to this topic

#1 Technisk

Technisk

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:34 PM

Posted 08 August 2016 - 06:55 AM

I have one Windows 7 machine where the process UI0Detect.exe pops up with the following suspicious message:
 

A program running on this computer is trying to display a message.


Show program details, gives the following (translated from Norwegian):
 

Message tittle: Java Setup - Welcome
Program path: C:iWindows\TEMP\jdsXXXXX.tmp\jre-8u101-windows-i586.exe


XXXX = numbers, varies after removal and when showing up again after restart.

When installing the latest Java, and restarting the machine, Java is gone in the Control Panel list of installations.

There is also a desktop background picture, which I cannot completely remove. Downloaded by the user from somewhere he cannot remember.

Both the folder and this picture reappears after permanently deleting them (SHIFT + DELETE) when running computer in Safe Mode.

The same picture reappears after removal, but located in different folders and with different names:
 

C:\Users\USER NAME\AppData\Roaming\Microsoft\Windows Photo Viewer\Bakgrunn for Windows Fotovisning.jpg

 

C:\Users\ USER NAME\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg


I have scanned with Microsoft Removal Tool (MRT), Windows Defender (only scanned the Windows folder) and the Anti Virus software, but there is nothing there.



BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users