Virus found in the Java Runtime Environment (JRE) cache directory
This article applies to:
Windows 98, Windows ME, Windows 2000 (SP4+), Windows XP (SP1 SP2), Windows 2003
Malicious applets have been discovered in the JRE cache directory. Anti-virus programs have detected such malicious applets in the following directory:
C:\Documents and Settings\<username>\Application Data\Sun\Java\Deployment\cache\javapi\v1. 0\jar\
These malicious applets are designed to exploit vulnerabilities in the Microsoft VM (Microsoft Security Bulletin MS03-011). If you are using the Sun JVM as your default virtual machine, these malicious applets cannot cause any harm to your computer. Examples of the JAR files are:
When the browser runs an applet, the JRE stores all the downloaded files into its cache directory for better performance. We have received reports of the following malicious applets in the cache directory:Trojan.ByteVerify
However, in this instance, storing these applets in the cache directory can not cause any harm to your computer because they are designed to exploit a vulnerability in the Microsoft VM, not the Sun JVM.
If you find one of these malicious applets on your computer, please use an anti-virus program to delete the applet, or you can clean the cache directory manually.
Here are the instructions on how to manually remove these malicious applets from the JRE cache directory:
From the Start button, click Settings > Control Panel
In the Control Panel, open the "Java Plug-in Control Panel"
Select the Cache Tab
Click the Clear button inside the Cache Tab, which will clear your JRE cache directory
Edited by AitrusSkyy, 13 August 2006 - 10:27 PM.