Platform(s): Windows 98, Windows ME, Windows 2000 (SP4+), Windows XP (SP1 SP2), Windows 2003
JRE version(s): 1.4.2_xx, 1.5.0
SYMPTOMS
Malicious applets have been discovered in the Java cache directory. Anti-virus programs have detected such malicious applets in the following directory:
C:\Documents and Settings\<username>\Application Data\Sun\Java\Deployment\cache\javapi\v1.
0\jar\
If you are using the Sun JVM as your default virtual machine, these malicious applets cannot cause any harm to your computer.
Examples of the JAR files are:
javainstaller.jar
menu.jar
archive.jar
classload.jar
285.jar
count4.jar
loaderdmitriy.jar
CAUSE
When the browser runs an applet, Java stores all the downloaded files into its cache directory for better performance. We have received reports of the following malicious applets in the cache directory:
Trojan.ByteVerify
VerifierBug.class
Java.JJBlack worm
Java.Shinwow trojan
However, in this instance, storing these applets in the cache directory can not cause any harm to your computer because they are designed to exploit a vulnerability in the Microsoft VM, not the Sun JVM.
SOLUTION
If you find one of these malicious applets on your computer, please use an anti-virus program to delete the applet, or you can clean the cache directory manually.
Here are the instructions on how to manually remove these malicious applets from the Java cache directory:
From the Start button, click Settings > Control Panel
In the Control Panel, open the "Java Plug-in Control Panel"
Select the Cache Tab
Click the Clear button inside the Cache Tab, which will clear your Java cache directory
To enable the Sun Java Virtual Machine as the default JVM, please refer to:
Sun provides third-party contact information to help you find technical support. This contact information may change without notice. Sun does not guarantee the accuracy of this third-party contact information.
The third-party products discussed in this article are manufactured by companies independent of Sun. Sun makes no warranty, implied or otherwise, regarding the performance or reliability of these products.
NEED MORE HELP?
If you require further assistance, please make sure you check through our
Help and FAQ sections thoroughly. We probably have a page that answers your question.