Solved: jpi_cache; what is it?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

rainforest123

Thread Starter
Joined
Dec 28, 2004
Messages
8,256
1. What is jpi_cache ?
Today, 04 Feb 2005, my NAV 2004 detected 3 files, infected by Trojan.byteVerify.

The compressed file VB.class within C:\Documents and Settings\user_name\.jpi_cache\jar\1.0\archive.jar-2178ee9f-58587eb5.zip is infected with the Trojan.ByteVerify virus.

Windows 2000 Pro SP4
I obtained the ms03-011 , 816093 update during 2004.
ZA Pro 5.5

Recently, I downloaded some music from emusic.com . I suspect that the infection came from one of those downloads.

I have read: http://securityresponse.symantec.com/avcenter/venc/data/trojan.byteverify.html

2. Did the Microsoft update protect me from the problems noted at symantec's site?

I refer to:

technical details

When Trojan.ByteVerify is executed, it performs the following actions:


Escapes the sandbox restrictions, using Blackbox.class, by doing the following:

Declares a new PermissionDataSet with setFullyTrusted set to TRUE.
Creates a trusted PermissionSet.
Sets permission to PermissionSet by creating its own URLClassLoader class, derived from the VerifierBug.class.

Loads Beyond.class using the URLClassLoader from Blackbox.class.

Gains unrestricted rights on the local machine by invoking the .assertPermission method of the PolicyEngine class in Beyond.class.

Opens the Web page, http://www.clavus.net/lst.backs, and parses the text that this site displays.

For example, SP|www.ewebsearch.net/sp.htm means that the Internet Explorer Start Page will be set up to www.ewebsearch.net/sp.htm

Several pornographic links are added into the favorites.

May attempt to retrieve dialer programs and install them on the infected computer. The dialer programs may attempt to connect the infected computer to pornographic Web sites.

B123
 
Joined
Sep 7, 2004
Messages
49,014
# Click Start | Settings | Control Panel
# Click the Java Plugin Icon
# Click the Cache tab
# Click the Clear button and click OK to confirm
# Note: Please repeat this procedure for each "Java Plugin" button in your Control Panel
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top