Trojan horse agent

  muddypaws 19:54 11 Oct 07
Locked

I went to load up my fs9 on C drive and AVG antivirus free flashed up an alert:
trojan horse agent Arkia453pack.exe
The size is shown as 17.2 mbs.
I am unable to find any reference on IE search.
I healed and vaulted it, but the AVG info says
Healable: No
Source: Back up copy.
Status: Infected
I have a back up copy of fs9 on D drive which I was using when it crashed.
Then changed to C and got yhe warning.
Win. XP Home Sp2.
Can anyone advise what this trojan does please?
And how do I get rid of it if it not healable etc.
HJT job??!
Many thanks.
fs9 on C subsequently ran OK for 20 mins or so until I closed it down.

  Technotiger 20:07 11 Oct 07

A Google does not turn up anything at all on this so-called trojan. It might just be what is known as a false-positive. In any case, as long as it is vaulted it cannot cause harm. In your position I would do a System Restore back a short while before this appeared.

  muddypaws 20:16 11 Oct 07

Technotiger
I started an AVG scan on D and PC froze as soon as it located the trojan ( after about 1 min). I rebooted and rescanned then stopped the scan as soon as it was detected and AVG says it had healed, vaulted and deleted.
Started the scan again until passed the previous detection point stopped it and nothing found up to there.
Just doing a scan on C.
System restore? I don't know when the trojan ( if genuine) got in so a restore might put it back in surely?
Had I not better stop/start the win restore now?
Strange that there in nothing on the web.
Thanks.

  Earthsea 20:17 11 Oct 07

I assume Arkia453pack.exe (which is 17.2Mb) refers to Arkia Israeli Airlines used by the flight simulator, so it's not the name of a Trojan.

Try Kaspersky online scanner click here

If it doesn't find anything then it's probably a false positive.

  muddypaws 20:24 11 Oct 07

Earthsea
Thanks.
Not sure if I have that Israeli addon. Sounds a bit familiar though.If I have it, it has been there for a long time. Don't recognise it as a default.
Will do your link as soon as AVG finishes on C.
Thanks for help.
Puzzled why AVG should react like that.

  Technotiger 20:39 11 Oct 07

I was about to say the same as Earthsea, or at least I was going to query whether Arkia453pack was part of FS9.

  Earthsea 20:46 11 Oct 07

I'm trying that online scanner myself at the moment (out of curiosity). It requires IE and you have to disable AVG. Do this by pressing Ctrl-Alt-Del, click the Processes tab and end all the processes that start with 'avg'. Scan 'My Computer', but be warned - it takes a while!

  muddypaws 20:56 11 Oct 07

Earthsea
Yes. Think I have used it before.
Cheers.
Technotiger: Must admit the size of it seemed strange. Had a look in fs9 for it, but can't see it. So would AVG have deleted the whole zip?

  muddypaws 20:58 11 Oct 07

Or rather the entire folder

  Technotiger 20:59 11 Oct 07

Hmm, afraid your guess is as good as mine on that one.

  Earthsea 21:11 11 Oct 07

Can't AVG put anything in the virus vault back to where it was before (like Recycle Bin)? I can't check because the scanner's still running! (Currently 37%.)

This thread is now locked and can not be replied to.

Surface Pro (2017) vs Surface Pro 4

20 groundbreaking 3D animation technologies coming to Siggraph 2017

iPad Pro 12.9 vs Surface Pro 5