Click on it for details:) JavaUpdateScheduler.
Cetin
>What is
jusched.exe?>
>MartinJ
>
>>jusched.exe is supposed to be JavaUpdateScheduler but this might be just another file abusing the trust to Sun.
>>Summary:
>>Key under HKLM\Software\Microsoft\Windows NT\WinLogon changes to:
>>explorer jusched.exe
>>
>>Symtomps (XP SP2-SP1 or earlier wouldn't give this symptom unless you manually adjusted):
>>When you try to browse to a webpage, you start to get "Page not found" on second attempt if not on first.
>>Checking events shows a warning event ID 4226 (TCP/IP has reached security limit...) - this means there were connection attempts over 10/secs. If tcpip.sys is patched to remove limit or SP2 is not installed (win2003 SP1) you wouldn't get these symptoms nor event logged. However you might notice slowdown in network connections.
>>Checking from DOS prompt:
>>netstat -no
>>reveals connections on port 445 all with same PID (PID points to jusched.exe).
>>
>>PS: Remember in my case it was jusched.exe. Whatever it's currently unidentified by virus scanners as a virus. SP2 firewall warned or not I don't know (I'm not the user of affected boxes only admin here - after they said they can't connect to internet since wednesday these were what I found and fixed, during fix I saw jusched was added in firewall exceptions list, probably users don't know what to do when they see alert and simply choose unblock).
>>
>>Fix: Well I only edited registry to remove all entries I found and it's gone. Just luck believe me:)
>>
>>Cetin