Troxler.exe - anyone know what this is?

  • Thread starter Thread starter AK
  • Start date Start date
A

AK

I have suddenly found a file that I cannot delete called troxler.exe in one
of my folders - when I try to delete it I get a pop-up that says it is in
use by another program.

Obviously, I'm concerened this is some type of virus - am thinking of going
to safe mode and deleting it - does anyone know what this is? It doesn't
show up on Symnatiec's list of know viruses.

Thanks

Alan
 
No returns in Google.

I would try cleaning the computer. You need to be sure all malware has
been removed.

When dealing with a persistent virus / trojan you need to delete system
restore points and not use them as they will contain the virus and put
it back into your system. Turn off System Restore until cleaning is
finished. Also run your anti-virus with updated definitions in safe
mode. Sometimes you need to run an anti-virus from a floppy and Trend
offer one that can be used.

Create a new folder named Sysclean (e.g., C:\Program files\Sysclean, or
just a desktop folder).
Download Sysclean.com (http://www.trendmicro.com/download/dcs.asp) and
place it in this folder.

Download the latest Controlled Pattern Release zip
(http://www.trendmicro.com/download/pattern.asp, e.g., lpt123.zip) and
extract its contents to the same folder. See the Readme text file for
additional instructions.

Delete Temporary Internet Files (IE Tools>Internet Options>General)
accepting the option to delete all offline content. Reboot and delete
contents of all TEMP folders and then your Recycle Bin.

Close all running programs including your anti-virus application, go
offline, and run Sysclean. For best results, do nothing with the machine
until the scan completes.

If the scan shows any infections in System Restore files and you're
running WinXP, create a new Restore Point
(Start>Programs>Accessories>System Tools>System Restore), then delete
all but the most recent Restore Point (Start>Programs>Accessories>System
Tools>Disk Cleanup>More options).

Work through the spyware removal programmes etc in turn in safe mode
until you get no results.

Afterwards, update your own anti-virus application and perform another
full system scan.

Finally run HijackThis and post the HijackThis log to the HijackThis
forum here:
http://aumha.net/

You will need to register with Aumha to be able to post.

--


Hope this helps.

Gerry
~~~~~~~~~~~~~~~~~~~~~~~~
FCA

Using invalid email address

Stourport, Worcs, England
Enquire, plan and execute.
~~~~~~~~~~~~~~~~~~~~~~~~
Please tell the newsgroup how any
suggested solution worked for you.



~~~~~~~~~~~~~~~~~~~~~~~~
 
From: "AK" <[email protected]>

| I have suddenly found a file that I cannot delete called troxler.exe in one
| of my folders - when I try to delete it I get a pop-up that says it is in
| use by another program.
|
| Obviously, I'm concerened this is some type of virus - am thinking of going
| to safe mode and deleting it - does anyone know what this is? It doesn't
| show up on Symnatiec's list of know viruses.
|
| Thanks
|
| Alan
|

Please submit a sample of "troxler.exe" to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submission will then be tested against 18 different AV vendor's scanners.
That will give you an idea what it is and who recognizes it. In addition, unless told
otherwise, Virus Total will provide the sample to all participating vendors.

When you get the report, please post back the exact results.
 
AK said:
I have suddenly found a file that I cannot delete called troxler.exe
in one of my folders - when I try to delete it I get a pop-up that
says it is in use by another program.

Obviously, I'm concerened this is some type of virus - am thinking of
going
to safe mode and deleting it - does anyone know what this is? It
doesn't show up on Symnatiec's list of know viruses.
Click to expand...
Since "troxler.exe" doesn't bring up any links from a Google search, it
is suspicious. That is not unusual; many viruses and other malware will
have random names. Scan with a current version antivirus (not earlier
than 2004) using updated definitions in Safe Mode. Then continue your
cleanup by scanning for non-viral malware. More information here:

http://www.elephantboycomputers.com/page2.html#Removing_Malware

Malke
 
From here? http://www.troxlerlabs.com/

--
Regards,

Richard Urban
Microsoft MVP Windows Shell/User

Quote from George Ankner:
If you knew as much as you think you know,
You would realize that you don't know what you thought you knew!
 
Thanks for all the ideas and help.

Symantec AntiVirus does not detect this file (troxler.exe) as a virus.

I think I will try to start up in DOS mode and see if I can delete it - and
will submit it to anti-virus companies for a rview.

Alan
 
You should be able to derive some info about it by right clicking the file
--> Properties --> Version. It may be associated with an application or a
piece of hardware that you've got in your system.

If you're worried about it being malware, go here:
http://www.sysinternals.com/Utilities/Autoruns.html and download "Autoruns"
which is a utility that diplays which programs load on startup.
 
David:

I managed to get Norton Antivirus to quarantine this file, and am reluctant
to move it back out of quarantine.

If I can do it without messing up too badly, I'll restore it and send it to
VirusTotal.

Alan
 
OK - I returned Troxler to the folder where I found it, and sent it to Total
scan. I'll let you know what it returns.

In order to get Norton to quarantine it, I had to close Skype in the Systray
area ... is this file Skype uses?

Alan
 
In fact, now poking around on totalvirus, I find that there IS a trojan
horse connected to Skype ...

this was probabnly it, since I could only get rid of it when I exited
Skype...
 
Server response

--------------------------------------------------------------------------------

Results of a file scan
This is a report processed by VirusTotal on 10/27/2005 at 05:55:46 (CET)
after scanning the file "Troxler.exe" file.
Antivirus Version Update Result
AntiVir 6.32.0.6 10.26.2005 no virus found
Avast 4.6.695.0 10.25.2005 no virus found
AVG 718 10.24.2005 no virus found
Avira 6.32.0.6 10.26.2005 no virus found
BitDefender 7.2 10.27.2005 no virus found
CAT-QuickHeal 8.00 10.26.2005 no virus found
ClamAV devel-20050917 10.25.2005 no virus found
DrWeb 4.32b 10.23.2005 no virus found
eTrust-Iris 7.1.194.0 10.26.2005 no virus found
eTrust-Vet 11.9.1.0 10.26.2005 no virus found
Fortinet 2.48.0.0 10.27.2005 no virus found
F-Prot 316c 10.26.2005 no virus found
Ikarus 0.2.59.0 10.25.2005 no virus found
Kaspersky 4.0.2.24 10.27.2005 no virus found
McAfee 4613 10.26.2005 no virus found
NOD32v2 1.1266 10.26.2005 no virus found
Norman 5.70.10 10.26.2005 no virus found
Panda 8.02.00 10.26.2005 no virus found
Sophos 3.98.0 10.26.2005 no virus found
Symantec 8.0 10.26.2005 no virus found
TheHacker 5.8.4.128 10.26.2005 no virus found
VBA32 3.10.4 10.26.2005 no virus found



VirusTotal is a free service offered by Hispasec Sistemas. There are no
guarantees about the availability and continuity of this service. Do not
reply to this message. It has been generated by an automatic address that
will not handle any reply. Although the detection rate afforded by the use
of multiple antivirus engines is far superior to that offered by just one
product, these results DO NOT guarantee the harmlessness of a file.
Currently, there is not any solution that offers a 100% effectiveness rate
for detecting viruses and malware.
 
I have suddenly found a file that I cannot delete called
troxler.exe in one
of my folders - when I try to delete it I get a pop-up that
says it is in
use by another program.

Obviously, I'm concerened this is some type of virus - am
thinking of going
to safe mode and deleting it - does anyone know what this is?
It doesn't
show up on Symnatiec's list of know viruses.

Thanks

Alan
Click to expand...

I don’t have a clue, neither dose google
http://www.google.co.uk/search?hl=en&q="troxler.exe"&btnG=Google+Search&meta=
 
Back
Top