When a browser runs an applet, the Java Runtime Environment (JRE) stores the downloaded files into its cache folder (C:\Documents and Settings\username\Application Data\Sun\Java\Deployment\cache) for quick execution later and better performance. Malicious applets
are also stored in the Java cache directory
and your anti-virus may detect them and provide alerts. Notification of these files as a threat does not always mean that a machine has been infected
; it indicates that a program included the viral class file but this does not mean that it used the malicious functionality. However, when alerted to this type of threat, it's a good practice to clear the Java cache
and clean out Windows temporary files
For more specific information about Java exploits, please refer to Virus found in the Java cache directory
. Also be aware that older versions of Java have vulnerabilities that malicious sites can use to exploit and infect your system
. That's why it is important to always use the most current Java Version
and remove outdated Java components.
When an anti-virus or security program quarantines
a file and moves it into a virus vault (chest) or a dedicated quarantine folder, that file is essentially disabled and prevented from causing any harm to your system. The quarantined file is usually renamed before moving, safely held there and no longer a threat
until you take action to delete it. One reason for doing this is to prevent deletion of a crucial file that may have been flagged as a "false positive
" especially if the scanner uses heuristic analysis
technology. Heuristics is the ability of a scanning program to detect possible new variants of malware
before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware which allows the anti-virus to detect and stop if before doing any harm to your system. The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and can potentially increase the chances that a non-malicious program is flagged as suspicious or infected. If that is the case, then you can restore the file and add it to the exclusion or ignore list.