johnoo Posted March 4, 2009 Report Share Posted March 4, 2009 Just been doing some Maintainance, was about to start "Spybot Search and Destroy" and a AVG message appeared (I use AVg and Spybot) stating I had a trogen horse Generic 12.BUXN.Q 1 What is it I cant find anything if I goggle.I put the item in the Vault, have run AVG scan and Spybot with no other problemsI then looked into the vault and it said that the Trogen had a object of:-c/local/owner/local setting/temp/Kilti.exeand a process of:- c/program files/spybot-search& Destroy/spybotsd.exeQ2 Does this mean that Spybot generated the Trogen Horse?I have now deleted the Trojen from the VaultQ3 Was this the correct action? Quote Link to comment Share on other sites More sharing options...
Boris Posted March 4, 2009 Report Share Posted March 4, 2009 Q 1 What is it I cant find anything if I google.I put the item in the Vault, have run AVG scan and Spybot with no other problemsI then looked into the vault and it said that the Trogen had a object of:-c/local/owner/local setting/temp/Kilti.exeand a process of:- c/program files/spybot-search& Destroy/spybotsd.exeQ2 Does this mean that Spybot generated the Trojan Horse? NOI have now deleted the Trojan from the VaultQ3 Was this the correct action? YES Quote Link to comment Share on other sites More sharing options...
Hb_Kai Posted March 4, 2009 Report Share Posted March 4, 2009 c/local/owner/local setting/temp/Kilti.exe is not a directory of Spybot S&D.You may not have found anything on Google because you spelt it incorrectly. I've found something Killit.exe I've found on Google to be something installed on HP computers, but not Kilti, and Kilti is nothing to do with Spybot S&D, and S&D doesn't use that directory unless clearing it. A decent and safe way to clear this directory as it's usually clomped with a bunch of useless stuff is to use C Cleaner.Edited rubbish out as just properly read the post as my eyes were hurting at first, and Boris beat me to it. Quote Link to comment Share on other sites More sharing options...
johnoo Posted March 4, 2009 Author Report Share Posted March 4, 2009 c/local/owner/local setting/temp/Kilti.exe is not a directory of Spybot S&D.You may not have found anything on Google because you spelt it incorrectly. I've found something Killit.exe I've found on Google to be something installed on HP computers, but not Kilti, and Kilti is nothing to do with Spybot S&D, and S&D doesn't use that directory unless clearing it. A decent and safe way to clear this directory as it's usually clomped with a bunch of useless stuff is to use C Cleaner.Edited rubbish out as just properly read the post as my eyes were hurting at first, and Boris beat me to it.Dont understand your last sentance, i attach screen prints, of the data about the Trojen, do you know what it is?trogen_1.pdftrogen_2.pdf Quote Link to comment Share on other sites More sharing options...
Hb_Kai Posted March 4, 2009 Report Share Posted March 4, 2009 Edited rubbish out as just properly read the post as my eyes were hurting at first, and Boris beat me to it.Don't worry about this line... It's for WF to see the reason why I edited the post. Quote Link to comment Share on other sites More sharing options...
johnoo Posted March 5, 2009 Author Report Share Posted March 5, 2009 Edited rubbish out as just properly read the post as my eyes were hurting at first, and Boris beat me to it.Don't worry about this line... It's for WF to see the reason why I edited the post.But do the screen prints help to solve where the Trogen came from and what it is ie effect on operating system, security threat etc..? Quote Link to comment Share on other sites More sharing options...
Boris Posted March 5, 2009 Report Share Posted March 5, 2009 No :)You know it was there - but how it got there and where it came from is quite another question.Just be grateful it is gone and make sure all your malware protection is kept up to date. Quote Link to comment Share on other sites More sharing options...
johnoo Posted March 5, 2009 Author Report Share Posted March 5, 2009 Thanks for all of the input, it helps "Newbies" to gain confidense, and avoid pitfalls. Quote Link to comment Share on other sites More sharing options...
AndyXS Posted March 17, 2009 Report Share Posted March 17, 2009 Chances are that S&S has scanned the file, your AV has picked up the file being accessed and reported back as being a virus.If its sitting in your temp folder is may have come off another process or been dropped by Internet Explorer. If you still have the file it might be worth running it through VirusTotal to see what is actually is. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.