
Question about a trojan horse

1 reply to this topic

#1 Matt132


  • Members
  • 4 posts
  • Local time:02:14 PM

Posted 06 November 2010 - 03:23 AM

AVG Free 2011 just found two Trojan horse Downloader.Generic_c.BRX on my computer. It said "";"C:\Users\Matthew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\6d038ce1-3dea092c";"Trojan horse Downloader.Generic_c.BRX";"Moved to Virus Vault" for one of them and "";"C:\Users\Matthew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\6d038ce1-3dea092c:\bpac\a.class";"Trojan horse Downloader.Generic_c.BRX";"Moved to Virus Vault" for the other. Is it the Java thing that put it on my computer? Also, I've put my flash drive into this computer earlier today. Is it possible that the virus is on my flash drive now, and how should I go about removing it if so? I was also wondering if AVG Free 2011 is good enough for computer protection or if I should do something else now to make sure there's nothing else on there.

My brother had a tojan_horse_exploit.nok on his computer too and was wondering if AVG healing it was enough or not as well.

Edit: Sorry, forgot to mention I have Vista 64-bit.

Edited by hamluis, 06 November 2010 - 04:46 AM.
Moved from Vista to Am I Infected ~ Hamluis.



#2 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,769 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:14 PM

Posted 06 November 2010 - 08:29 AM

When a browser runs an applet, the Java Runtime Environment (JRE) stores the downloaded files into its cache folder (C:\Documents and Settings\username\Application Data\Sun\Java\Deployment\cache) for quick execution later and better performance. Malicious applets are also stored in the Java cache directory and your anti-virus may detect them and provide alerts. Notification of these files as a threat does not always mean that a machine has been infected; it indicates that a program included the viral class file but this does not mean that it used the malicious functionality. However, when alerted to this type of threat, it's a good practice to clear the Java cache and clean out Windows temporary files.

For more specific information about Java exploits, please refer to Virus found in the Java cache directory. Also be aware that older versions of Java have vulnerabilities that malicious sites can use to exploit and infect your system. That's why it is important to always use the most current Java Version and remove outdated Java components.

When an anti-virus or security program quarantines a file and moves it into a virus vault (chest) or a dedicated quarantine folder, that file is essentially disabled and prevented from causing any harm to your system. The quarantined file is usually renamed before moving, safely held there and no longer a threat until you take action to delete it. One reason for doing this is to prevent deletion of a crucial file that may have been flagged as a "false positive", especially if the scanner uses heuristic analysis technology. Heuristics is the ability of a scanning program to detect possible new variants of malware before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware, which allows the anti-virus to detect and stop it before doing any harm to your system. The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and can potentially increase the chances that a non-malicious program is flagged as suspicious or infected. If that is the case, then you can restore the file and add it to the exclusion or ignore list.

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

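The two alerts in post #1 point at one cached Java archive and a class file inside it, which is the Java cache situation the reply describes. The sketch below is an added example, not part of either post and not AVG's own tooling: it parses the alert rows and groups them by the file on disk. The four-field layout, the meaning of each field, the cache path marker and the function names are assumptions inferred from the quoted alert text.

```python
import csv
import io

# Path fragment common to the Java cache folders named in this thread
# (assumption: matching on it is enough to recognise a Java cache hit).
JAVA_CACHE_MARKER = "\\sun\\java\\deployment\\cache\\"

# The two alert rows quoted in post #1, one per line.
SAMPLE = r'''
"";"C:\Users\Matthew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\6d038ce1-3dea092c";"Trojan horse Downloader.Generic_c.BRX";"Moved to Virus Vault"
"";"C:\Users\Matthew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\6d038ce1-3dea092c:\bpac\a.class";"Trojan horse Downloader.Generic_c.BRX";"Moved to Virus Vault"
'''

def split_member(path):
    """Split 'archive:\\inner\\file' into (archive, inner file or None)."""
    idx = path.find(":\\", 2)  # start at 2 to skip the drive letter's own ':\'
    if idx == -1:
        return path, None
    return path[:idx], path[idx + 2:]

def triage(report_text):
    """Group alert rows by the file on disk that contains the detection."""
    grouped = {}
    reader = csv.reader(io.StringIO(report_text), delimiter=";", quotechar='"')
    for rec in reader:
        if len(rec) != 4:
            continue  # blank or malformed row
        _, path, threat, result = rec
        container, member = split_member(path)
        entry = grouped.setdefault(container, {
            "java_cache": JAVA_CACHE_MARKER in path.lower(),
            "members": [], "threats": set(), "results": set(),
        })
        if member:
            entry["members"].append(member)
        entry["threats"].add(threat)
        entry["results"].add(result)
    return grouped

if __name__ == "__main__":
    for container, info in triage(SAMPLE).items():
        where = "Java cache" if info["java_cache"] else "other location"
        print(f"{container} [{where}]")
        print(f"  inner files: {info['members'] or 'none listed'}")
        print(f"  detections:  {sorted(info['threats'])} -> {sorted(info['results'])}")
```

A container flagged as a Java cache entry is the case where the reply's advice applies: clear the Java cache and update Java.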
