jucheck.exe

A

AndyHancock

Avast detected "c:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe".
This is also a legitimate file, but googling shows a worm also
masquerades with that name. How can one tell whether it is the
legitimate one or worm?
 
A

AndyHancock

On Jun 8, 8:23 pm, AndyHancock <AndyMHanc...@gmail.com> wrote:
> Avast detected "c:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe".
> This is also a legitimate file, but googling shows a worm also
> masquerades with that name. How can one tell whether it is the
> legitimate one or worm?

I found this thread at "http://forum.avast.com/index.php?
topic=36183.0". I guess I'll migrate there for this thread, though
one needs an account on that forum to participate.
 
M

MowGreen [MVP]

IIRC, that is an older, vulnerable version of Sun's JRE, Andy.
*Strongly* suggest that you uninstall ALL older, vulnerable Versions
from Add/Remove Programs in the Control Panel.
If you want the latest so-called secure Version, click the Download
button next to Java Runtime Environment (JRE) 6 Update 6 on this page:
http://java.sun.com/javase/downloads/index.jsp

Me, I don't trust Sun and none of their runtimes are installed here nor
on any of my other systems.

MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============


AndyHancock wrote:

> Avast detected "c:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe".
> This is also a legitimate file, but googling shows a worm also
> masquerades with that name. How can one tell whether it is the
> legitimate one or worm?
 
D

David H. Lipman

From: "AndyHancock" <AndyMHancock@gmail.com>

| Avast detected "c:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe".
| This is also a legitimate file, but googling shows a worm also
| masquerades with that name. How can one tell whether it is the
| legitimate one or worm?

You can usually tell from where it is executed from as long as the file was not replaced or
Trojanized.

f you are using any version of Sun Java that is prior to JRE Version 6.0,
then you are strongly urged to remove any/all versions.
There are numerous vulnerabilities in them and they are actively being exploited.

It is highly suggested that you update to the latest version which is Sun Java JRE/JSE
Version 6.0 update 6 (jre 6u5)

Simple check, look under...
C:\Program Files\Java

The only folder under that folder should be the latest version.

Such as...
C:\Program Files\Java\jre1.6.0_06

http://java.sun.com/javase/downloads/index.jsp
http://www.java.com/en/download/manual.jsp

FYI:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102622-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
A

AndyHancock

On Jun 8, 8:23 pm, AndyHancock <AndyMHanc...@gmail.com> wrote:
> Avast detected "c:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe".
> This is also a legitimate file, but googling shows a worm also
> masquerades with that name. How can one tell whether it is the
> legitimate one or worm?

On Jun 9, 4:17 pm, "MowGreen [MVP]" <mowgr...@nowandzen.com> wrote:
> IIRC, that is an older, vulnerable version of Sun's JRE, Andy.
> *Strongly* suggest that you uninstall ALL older, vulnerable Versions
> from Add/Remove Programs in the Control Panel. If you want the
> latest so-called secure Version, click the Download button next to
> Java Runtime Environment (JRE) 6 Update 6 on this
> page:http://java.sun.com/javase/downloads/index.jsp
>
> Me, I don't trust Sun and none of their runtimes are installed here
> nor on any of my other systems.

On Jun 9, 4:24 pm, "David H. Lipman" <DLipman~nosp...@Verizon.Net>
wrote:
> From: "AndyHancock" <AndyMHanc...@gmail.com>
>
> | Avast detected "c:\Program
> Files\Java\jre1.6.0_01\bin\jucheck.exe". | This is also a
> legitimate file, but googling shows a worm also | masquerades with
> that name. How can one tell whether it is the | legitimate one or
> worm?
>
> You can usually tell from where it is executed from as long as the
> file was not replaced or Trojanized.
>
> f you are using any version of Sun Java that is prior to JRE Version
> 6.0, then you are strongly urged to remove any/all versions. There
> are numerous vulnerabilities in them and they are actively being
> exploited.
>
> It is highly suggested that you update to the latest version which
> is Sun Java JRE/JSE Version 6.0 update 6 (jre 6u5)
>
> Simple check, look under... C:\Program Files\Java
>
> The only folder under that folder should be the latest version.
>
> Such as... C:\Program Files\Java\jre1.6.0_06
>
> http://java.sun.com/javase/downloads/index.jsphttp://www.java.com/en/download/manual.jsp
>
> FYI:http://sunsolve.sun.com/search/docu...com/search/document.do?assetkey=1-26-102760-1

On Jun 8, 8:43 pm, AndyHancock <AndyMHanc...@gmail.com> wrote:
> I found this thread at "http://forum.avast.com/index.php?
> topic=36183.0". I guess I'll migrate there for this thread, though
> one needs an account on that forum to participate.

MowGreen, David,

Thank you for the warning. Will action your advice. Similar advice
was provided at the Avast forum, thread
http://forum.avast.com/index.php?topic=36183.0
 
You must log in or register to reply here.

Similar threads

A
I think i have a WORM in my computer
Replies
0
Views
39
aliefe kaplan
A
A
I think i have a WORM in my computer
Replies
0
Views
45
aliefe kaplan
A
N
Different Behavior Between Interactive Logon and Batch Job/Service Account for COM Object Interaction
Replies
0
Views
58
Nicknake
N
P
After resetting my PC, I still believe a virus is present; how can I completely remove it?
Replies
0
Views
50
Peter_dmtr
P
E
How do I reset the dialog box interface for editing Environment Variables in Windows?
Replies
0
Views
44
ersatzJ
E
Back
Top Bottom