Last night I received an AVG Resident Shield warning that Astroplanner.exe contained a trojan (this has never happened before and there had been no updates as I was not connected to the internet). Astroplanner was not running. Selecting the heal option the message came back, Heal successful (or some such thing).
Then about half an hour ago I noticed my Astroplanner Icons had changed to the boring windows generic "I don't know what this is so I'll put this icon to it". When I clicked on the icon to open Astroplanner nothing happened. So I went and check the program folder and there was no Astroplanner.exe there Damn. So I thought I'd reinstall it. Up pops the AVG Resident Shield warning that D:/windowsintall.exe has the Trojan horse Dropper.Agent.FCB. In fact the installer icon on the CD is the same boring windows standard one as well. When I click ignore I get "Windows cannot access the specified device, path or file. You may not have the appropriate permission to access the item." Even if I turn AVG off I still can't access it.
Not only can I not install it again, I can't even find the program under control panel "Add Remove Programs" to completely remove it and start again.
Can anyone give me any ideas how to fix this problem
I have had AVG do this to a couple of my apps as well, all of a sudden it decides there's a virus in an exe file. I know it wasn't an infection as AVG deleted the same file on 2 different machines, one of which the app hadn't been used on for over 2 years. I suspect it is a bug in the AVG software. I intend changing back to Nod32, despite the fact that I will have to pay for Nod.
The astroplanner.exe file should be quarantined, you should be able to get it back, the executable will be in the virus vault. Whether or not AVG will delete it again I'm not sure. In my case the app was an old version so I just upgraded to a later version. I just looked at my vault and the files it thought were infected were ACDsee32.exe and a heap of flash animations that I have had for years and that I know have no problems. All in all the damn thing took 11 executables, none of which were really infected.
Tried that and while it returned the exe file to the directory it still wouldn't work. I'll go and look for an updated version, though I've only just recently received the disk.
Wow, Restore has allways been my first option and never failed, so I am at odds as to any other help I can give, Ill watch this post with interst as to your outcome...
Phil, I have the same trojan in my PC from time to time. where it comes from, I have no idea! it has infected various files on the C drive including some file or other to do with restore. Today it was reported as being in the 'F' drive, my second HDD, also in a directory supposedly connected with restore. (Restore on a second drive????) F:\System Volume Information\_restore{.......} A large string of hex values were inside the parenthesis. Anyway, according to AVG, it has been there in times past and the infected file was healed. However on rebooting the PC the trojan was back!! So before running any program I hit the main power switch (no subtlety here) that got rid of it, and it remained gotten rid of for days/weeks before returning. The only effect I nave noticed is a slowing up of the PC, or last night and on one previous occasion, Windows simply would not shut down, neither by way of the start menu, nor the task manager. I don't like just pulling the plug on the PC, but so far that has been the only remedy I have.
I suspect that the trojan is actually coming in with the AVG updates; I do not use astroplanner. I'm no computer whizz kid, but I think Trojans live in memory but write themselves to disc on normal power down and wake up on a subsequent reboot. That is why I pull the plug on my PC; to deny the virus time to protect itself.
HTH,
Doug
An online update to have fixed it for others. Paul who is the author seems to have indicated that other AV software are also doing this with recent updates and he is contacting them for similar updates. I think the application has been blacklisted by AVG on your system and it will not let it run until its not on its list of threats. I am a user of AP but I dont use AVG so I cant offer first hand advise.
Paul, the attached file shows the prevalence of this nuisance. Re4member, it can attach to any program. Sorry, the print is small you'll need to magnify screen to 150%
The strange thing is Doug that this has picked up the problem on a CD with the program direct from the supplier, in an freshly unzipped copy of the program downloaded from the site in zip form as well as the existing program.
Doug, you may have the real trojan not a false postiive and though you have removed it from the live system its still there in saved restore point. I would celar the restore point and renable it on your F drive. Right click on my computer icon and select properties from the drop down menu. Then goto the System restore tab. You should see a list of drives on your system and you can disable and enable system restore points. This is a very common step mentioned in most malware removal instructions I have stepped through. Often removing the virus is not sufficient you must clear old restore points incase the malware has created its own or infected existing ones.
![[1ponders]'s Avatar](../vbiis/customavatars/avatar45_9.gif){kind=avatar}
![[1ponders] is offline](/vbiis/images/statusicon/user_offline.gif)
Damn. So I thought I'd reinstall it. Up pops the AVG Resident Shield warning that D:/windowsintall.exe has the Trojan horse Dropper.Agent.FCB. In fact the installer icon on the CD is the same boring windows standard one as well. When I click ignore I get "Windows cannot access the specified device, path or file. You may not have the appropriate permission to access the item." Even if I turn AVG off I still can't access it.
