Remove Java at your own risk

[DelJo63]

I've seen this over and over again

You are also way behind in your Java updates. Have Hijack remove the following:
Quote:
O16 - DPF: {1ACECAFE-0015-0000-0000-ABCDEFFEDCBA} (Java2 Runtime Environment 1.5.0) - http://
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java2 Runtime Environment 1.5.0) - http://
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (Java2 Runtime Environment 1.5.0) - http://

I know we all mean well, but just to make it clear
There are perfectly valid reasons to not only have a back level version but also several version of Java installed!

Sure, the user may not be aware and it's very considerate to point out the issue.
It is irresponsible to arbitrarily remove any version of Java! Make the recommendation,
have the versions verified, ask if there is a reason for the back level install -- but please stop there.

Java has at least three kinds of deployment for every Release (eg 1.6, 1.5, 1.4)

1. The basic and minimal Run Time Environment (RTE)
2. A standard System Development Kit (SDK)
3. and an Enterprise version of the SDK

The RTE and SDK may co-exist.

The multiple versions co-existing is an intentional architectural feature to avoid
problems with applications which have not been updated to the newest RTE behaviors.
The application can be made immune from the revolving door of RTE maintenance
by specifying the location of the version to be loaded when the program starts.

If you make a naive recommendation to Delete Java xxx, you may well just have
killed some user application.

Error on the side of caution -- elect the physician's creed "Do no harm"

 

[CCT]

jobeard, is Java really THAT necessary?

per their own site, http://www.java.com/en/download/faq/whyjava.xml

 

[DelJo63]

it all depends. I have two applications that are built on Java that are extremely usefull to me.

One is FileAssurity, which implements PGP security on a file/file basis which is important to me on a laptop.

(hint: I hate the MS EFS implementation).

How do you feel about .Net? It's all junk as far as I'm concerned.

I'm sure we all have preferences and experiences, but my favorite line is

When in Rome, do as the Romans do.​

 

[kimsland]

My standing is:

I've never removed my old versions myself
I've never stated for the user to remove their older versions

Reasoning:

The java update doesn't do it (nor does .Net <- thankfully)
I have never confirmed that the older versions actually cause any harm

Regarding some programs pointing to the original or older versions:

I can see that. I also feel that it basically safe guards any possibly faulty, new update
I would like an exact example of this though. Which program(s)? If even 1 is confirmed, then I would concede that the removal is unwarranted
(we need an example)

 

[DelJo63]

There's no finger pointing intended but to make the point I needed an example of
what frequently occurs when the Hijack log gets analyzed.

From that log, it is impossible to determine if Java is required by the user and the
only statement that can be said with certainty is
"There is a version installed that is back level".

I think I made the point -- best wishes to all and keep up the good work

 

[tipstir]

Jobeard is right to remove it. I use the freeware tool revo uninstaller http://www.revouninstaller.com/ to remove all the java client 4, 5, 6, anything in the registry and any files get deleted. Current is 7-- that stays in there. There is a lot of software that uses Java now from P2P, SAGETV, UltraVNC and I think OpenOffice. My SAGETV didn't load because it didn't know which version of Java Client was loaded. Once removing the client-updates prior fixed the issue.

 

[kimsland]

Jobeard is right to remove it

Of course he was stating not to remove it, you are aware?

 

[DelJo63]

Yes, I'm advocating to leave JAVA alone

fyi: You can control the JAVA version being loaded by adding these to your environment variables:

JAVAHOME='C:\Program Files\Java'
JAVAV=jre1.6.0_03                <<<< I'm a tad down level too :)
[B]JAVARTE[/B]=%JAVAHOME%\%JAVAV%

notice that JAVARTE glues together the two variables preceding to specify the JAVARTE location.

Changing only JAVAV then relocates which one is launched.

Now add to your PATH variable %JAVARTE% somewhere in the list and it's all good to go.

... but we're getting way of the topic ...

 

[LookinAround]

Joebeard

I hear what you’re saying but would make the following case to continue the practice of having users remove old versions

1. I don’t believe the typical person posting for help in the forums will have the System Development Kit installed. If they do have SDK installed they are most likely someone who doesn’t need being told what to uninstall
2. It’s certainly true that some apps are tied to a particular Java release. But (what I’ve seen to date)
   • It’s a small percentage of people who run such apps
   • If an app requires a specific Java version it should generate a clear error message indicating the problem and required version. (Is then clear the older version need be reinstalled). If the app error isn't clear, that's pretty poor reflection on the the software provider.
3. Instead of refraining from advice on uninstalling old versions, one can simply mention the small chance of an older version causing an error message which the needs the version reinstalled

 

[kimsland]

In Environmental Variables, I have:

Variable: QTJava (ie %QTJava%)
Value: C:\Program Files\Java\jre1.5.0_09\lib\ext\QTJava.zip

Is that right?

I do not have %JAVARTE% or %JAVAHOME% or %JAVAV% (nor does that work in Start Run as an environmental variable)

This is a specific question, meant for the forums (Possibly Windows OS)
And therefore does not need to be answered here. Sorry about that !
.

 

[DelJo63]

Joebeard

[*]It’s certainly true that some apps are tied to a particular Java release. But (what I’ve seen to date)

• It’s a small percentage of people who run such apps
• If an app requires a specific Java version it should generate a clear error message indicating the problem and required version. (Is then clear the older version need be reinstalled). If the app error isn't clear, that's pretty poor reflection on the the software provider.

[*]Instead of refraining from advice on uninstalling old versions, one can simply mention the small chance of an older version causing an error message which the needs the version reinstalled
[/list]

Agree on the SDK issue but I was making a point for multiplicity of occurrances.

I agree in principle to most of what you say except FEW applications of any language are able to diagnose
the the code they are dependent upon or have dynamically loaded.

Failures of loading the wrong JRE results in strange error messages that just do not
relate to the root cause. It is really nasty to diagnose these errors unless one has seen it before.

btw: Java Applets would be suspect in System Security or Malware issues, not the JRE itself.
Asserting that the JRE is suspect is exactly like saying MSVCRT40.DLL is suspect and
should be deleted (DON'T even try this or you're headed for a Recovery Reinstall)

It is entirely possible that deleting a back level RTE (or in Java terms a JRE) may
not only fail the application but also put the user in a condition that the older version is no longer available and thus the application is dead.

IMO, it is a service to note the down level condition and It is malicious to remove it -- noting the condition should be sufficient.

Our community here is unlikely to encounter real Java Users, but the issue bugs me in principle --

[rant=on]
As a developer I have many tools that are likely to not have been seen by very many participants at T.S.
I shutter at the caviler attitude of delete software without justification.

wacking someones system without justification just sticks in my craw
[rant=off]​

Again, elect the maxim "Do no harm" should apply

 

[LookinAround]

I hear your frustrations and rants but wonder if a developer’s system installation of software/tools isn’t just much more sensitive to this issue then the installation to be found on the computer of most people posting questions to the forums. (I don't really know for certain one way or the other)

I agree in principle to most of what you say except FEW applications of any language are able to diagnose the code they are dependent upon or have dynamically loaded.

Point taken. But some piece of software (application or dependent) knows what it’s trying to load and I’d guess can put out the error message. Of course, that doesn’t mean it actually creates such message which would still leave an issue for the user.

btw: Java Applets would be suspect in System Security or Malware issues, not the JRE itself. Asserting that the JRE is suspect is exactly like saying MSVCRT40.DLL is suspect and should be deleted (DON'T even try this or you're headed for a Recovery Reinstall)

Hmmm, i think a different slant on Java Applets, JRE and security actually supports the uninstalls: Consider that Sun’s latest and greatest JRE release is always fixing security vulnerabilites of older releases. A Java applet can be suspect AND be invoking an OLD Java version specifically to take advantage of a security hole in an older release. So removing old Java versions actually enhances machine security. (I’ll note I’m no java expert but think this would be true?)

It is entirely possible that deleting a back level RTE (or in Java terms a JRE) may not only fail the application but also put the user in a condition that the older version is no longer available and thus the application is dead.

I’m guessing Sun is aware that just such problem might occur if they didn’t provide a download of all old versions which they do and can be found here

 

[DelJo63]

Went a user decides to uninstall, that's one thing. When Techspot (imo) becomes parochial
and says DELETE the JRE, that's another.

I'm quickly coming to the point of view that very few members understand Java.
Perhaps the reference to MSVCRT40.DLL was obscure too. DLLs lie around waiting
to be loaded by some application. This dll is use by all C code on windows.
The Java JRE lies around awaiting some application or applet.
The JRE is as benign as any DLL.

I've made my point; We can and should remark that the JRE is down level and
without justification, have no business giving instructions to delete it.

No where in this thread has anyone made any form of such justification nor even
anywhere on Techspot.

I've said my piece and will not comment further on the subject.

Do no harm

 

[Bobbye]

No where in this thread has anyone made any form of such justification nor even
anywhere on Techspot.

This thread has gotten 'bent' in several directions. Here is my thought on this matter:
I always instruct a user to remove earlier versions of Java. However, I always follow that with a reference to the most current version and the download site.

It is my understanding that most, if not all Java updates have been done for security reasons. Therefore it stands to reason that leaving earlier versions on the system do allow the vulnerability to remain. Therefore I will continue to suggest removal from HijackLogs of all but the current version and I will continue to recommend download of the current version on the Java site.

 

[DelJo63]

It is my understanding that most, if not all Java updates have been done for security reasons.

Stating the obvious ...

 

[mopar man]

I do tend to have a lot of software problems. Granted, most are due to me not being able to afford a new computer (all my parts are extremely old and reused, and my HDD's are about to go boom I believe).

But thanks jobeard, this will probably save me or someone I know from another annoying issue!

I probably wouldn't have noticed without the PM, so that was a great idea.

 

[kimsland]

Quote from java.com

http://www.java.com/en/download/faq/5000070400.xml

Can I remove older versions of the JRE after installing a newer version?

The latest version of the Java Runtime Environment (JRE) is always the recommended version as it contains updates and improvements to previous versions. The latest available version is always compatible with the older versions.

You can keep older versions of the JRE installed, in case you have an applet/application that still depends upon a previous version.

Note: You should report to the applet provider/developer about this dependability. They need to rectify their code in order to ensure compatibility with all JRE versions.

However, if you are running low on disk space, you can safely remove older versions of the JRE from your system following the instructions on:
Windows Java Runtime Environment uninstallation instructions page

To download the latest and recommended version, please visit:
Java Download.

Description of the Windows Installer CleanUp Utility