Trogen Horse Generic 12.buxn

[johnoo]

Just been doing some Maintainance, was about to start "Spybot Search and Destroy" and a AVG message appeared (I use AVg and Spybot) stating I had a trogen horse Generic 12.BUXN.

Q 1 What is it I cant find anything if I goggle.

I put the item in the Vault, have run AVG scan and Spybot with no other problems

I then looked into the vault and it said that the Trogen had a object of:-

c/local/owner/local setting/temp/Kilti.exe

and a process of:- c/program files/spybot-search& Destroy/spybotsd.exe

Q2 Does this mean that Spybot generated the Trogen Horse?

I have now deleted the Trojen from the Vault

Q3 Was this the correct action?

[Boris]

Q 1 What is it I cant find anything if I google.

I put the item in the Vault, have run AVG scan and Spybot with no other problems

I then looked into the vault and it said that the Trogen had a object of:-

c/local/owner/local setting/temp/Kilti.exe

and a process of:- c/program files/spybot-search& Destroy/spybotsd.exe

Q2 Does this mean that Spybot generated the Trojan Horse? NO

I have now deleted the Trojan from the Vault

Q3 Was this the correct action? YES

[Hb_Kai]

c/local/owner/local setting/temp/Kilti.exe is not a directory of Spybot S&D.

You may not have found anything on Google because you spelt it incorrectly. I've found something

Killit.exe I've found on Google to be something installed on HP computers, but not Kilti, and Kilti is nothing to do with Spybot S&D, and S&D doesn't use that directory unless clearing it. A decent and safe way to clear this directory as it's usually clomped with a bunch of useless stuff is to use C Cleaner.

Edited rubbish out as just properly read the post as my eyes were hurting at first, and Boris beat me to it.

[johnoo]

c/local/owner/local setting/temp/Kilti.exe is not a directory of Spybot S&D.

You may not have found anything on Google because you spelt it incorrectly. I've found something

Killit.exe I've found on Google to be something installed on HP computers, but not Kilti, and Kilti is nothing to do with Spybot S&D, and S&D doesn't use that directory unless clearing it. A decent and safe way to clear this directory as it's usually clomped with a bunch of useless stuff is to use C Cleaner.

Edited rubbish out as just properly read the post as my eyes were hurting at first, and Boris beat me to it.

Dont understand your last sentance, i attach screen prints, of the data about the Trojen, do you know what it is?

trogen_1.pdf

trogen_2.pdf

[Hb_Kai]

Edited rubbish out as just properly read the post as my eyes were hurting at first, and Boris beat me to it.

Don't worry about this line... It's for WF to see the reason why I edited the post.

[johnoo]

Edited rubbish out as just properly read the post as my eyes were hurting at first, and Boris beat me to it.

Don't worry about this line... It's for WF to see the reason why I edited the post.

But do the screen prints help to solve where the Trogen came from and what it is ie effect on operating system, security threat etc..?

[Boris]

No :)

You know it was there - but how it got there and where it came from is quite another question.

Just be grateful it is gone and make sure all your malware protection is kept up to date.

[johnoo]

Thanks for all of the input, it helps "Newbies" to gain confidense, and avoid pitfalls.

[AndyXS]

Chances are that S&S has scanned the file, your AV has picked up the file being accessed and reported back as being a virus.

If its sitting in your temp folder is may have come off another process or been dropped by Internet Explorer. If you still have the file it might be worth running it through VirusTotal to see what is actually is.