Need Help Understanding Sygate Security Message

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

I'm running XP Home SP2 and Sygate 5.6. I'm not sure what more to do
about this entry in Sygate's security log today. Any help will be very
much appreciated.

    Security Type: Executable File; Severity: Major; Direction: Outgoing
    Protocol: TCP; Remote Host:
    Application has changed since the last time you opened it, process
    id: 3316
    Filename: C:\\Program Files\\Java\\jre6\\bin\\java.exe
    The change was denied by user
    ---- Modules changed: 1 ----
    C:\\Program Files\\Java\\jre6\\bin\\java.exe
    ---- New modules: 0 ----

The message seems to be saying contradictory things: 1) the application
has changed and 2) change denied by user. Did malware from the remote
host change java.exe or did I stop it?

Around the time Sygate's icon began flashing red, the java icon appeared
on my taskbar, though I didn't launch it and was not running a program
that should have launched it.

What I did so far: I closed all programs (which had all become very slow
to respond), rebooted without being connected to the net, and performed
quick scans of my c: drive with recently updated versions of
Malwarebytes, Superantispyware, and Avast. They all turned up no malware
or viruses. Scans with Malwarebytes and Avast of c:\\program files\\java
and c:\\program files\\JRE launched from the right click menu in windows
explorer also turned up no malware of viruses.

Is there anything else I should do?

The remote host ( is a known distributor of malware
according to web of trust (

Other Questions:
Could this have anything to do with jusched.exe, which is set to check

Could it have anything to do with the Firefox add-on Java Quick Starter
Service, which I thought I disabled, but is now enabled. I don't know
when that changed?

There was no traffic to or from the remote host in Sygate's traffic log.
I guess it goes in one log or the other?

Thank you again for any help.


Site Timeline