Jump to content

Build Theme!
  • Infected?


Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92780 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


[Closed] Possible fake java file

  • This topic is locked This topic is locked
2 replies to this topic



    New Member

  • New Member
  • Pip
  • 1 posts

Posted 01 November 2009 - 12:14 PM

I noticed a new process running. I have only seen it in process' once. I ran a search on my computer and found these. I see jusched.exe running all the time in the process window and have never seen the JUCHECK.EXE before, also the create date is 10/26/09 and not 10/19/08 like the rest of the Java files/ JUCHECK.EXE-366A48E6.pf located in C:/WINDOWS/Prefetch open with unknown application. Has the icon box with the cogs in it. Created 10/26/09 (Bad?) Jucheck.exe located in C://ProgramFiles/Java/jre1.6.0_107/bin Has the orange Java icon next to it. Created 10/19/08 (Good?) I am thinking the first one listed is a baddie and some kind of virus, malware, trojan etc... It is not being flagged by spyware. I also have XP on my laptop and JUCHECK.EXE is not any where on there either. Any info would be greatly appreciated. I just need to know if the one in all caps is valid Java file or if it is pretending to be a Java file. I have got mixed results doing an internet search. Thanks


Register to Remove

#2 Noviciate


    Retired WTT Teacher

  • Visiting Fellow
  • PipPipPipPipPip
  • 2,907 posts

Posted 01 November 2009 - 02:19 PM

The give-away for the "Bad?" file is in the location - C:/WINDOWS/Prefetch. Microsoft created a method of "pre-loading" files so that they could be more quickly accessed when needed. This is part of what your OS is doing when you first boot up when it is unresponsive. The information about the files that it preloads are stored in the prefetch folder as .pf files.
I'd say that the file is legitimate, but there is nothing to stop you deleted this, or any other, file in this folder. Indeed, some people do this on a regular basis in the belief that it speeds up Windows. Others argue against this being effective, but you can't get all the people to agree all the time!
If you care to run a search for Windows prefetch, or similar, you can find out more information.

As to the "good?" file, if you right click it and select Properties, you should find out something about the original owner. I'd say that it was legit, as I have the same file in the same location.

I trust this "solves" the problem.
Death to the salad eaters!

#3 Noviciate


    Retired WTT Teacher

  • Visiting Fellow
  • PipPipPipPipPip
  • 2,907 posts

Posted 08 November 2009 - 03:08 PM

Due to inactivity this topic will be closed. If you need help please start a new thread.
Death to the salad eaters!

Related Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users