AGV caught 7 Trojan Horses (Trojan Horse SHeur.AFJ) in my Quickbook files: Components\PConfig\Data1.cab
They cannot remove because it says it's in my archive file. Anyone have any ideas on removal or what kind of havoc this is going to cause?
I would like to know the same thing. I just did payroll yesterday and had no problems, but this morning my AVG found and is still finding the Trojan Horse threat.
Good question, although... I am not sure I had anything updated yesterday. I also do not save online, I save locally on another hard drive. Hopefully, someone will have some answers.
I haven't opened QB this morning yet to see if there is a problem. My AVG is still running and I wanted to wait to see what happens.
I just wanted to touch base on this issue. We have been made aware of this issue and are working with AVG to determine why the results are showing up. We do suggest that you make sure that your software and definitions are up to date. I will post back when I we have more information.
Please remember that this is a User-to-User community forum. If you come in to get an answer, see if there are any that you can provide. The more people who do that, the more likely you will get your answer.
Interested in learning more about the forums and the Gurus? Check out the new blog Thoughts from the Gurus.
I have a test copy of Pro 2006 set up here, and today I ran the update program to set it up with the most current update. I installed the AVG product and ran a full scan on the system. It did not find any problems on the system, so I would say that the infection on your system did NOT come from the QB automatic update.
I honestly can't say what problems you would run into if you remove the cab file. That is a file that holds installation components. On my test system, I removed that file, and the program appears to be running without a problem (which I would expect).
My guess is that if you do a "repair" or similar action of Pro via the control panel, it would access this cab file. If the cab file is not found you might not be able to do a simple repair of your installation. If you have Pro on a CD, or a copy of the original downloaded install file if you obtained it electronically, then you shouldn't have a problem.
HOWEVER - this is a guess on my part, I can't say for sure that this is what the situation is. I'm just basing this on my experience with installation programs, QB, and my test system here. It is possible that there is something involving that cab file that I'm not seeing.
If AVG won't clean the cab file for you, I would suggest that you make a copy of it on a CD, then erase it from your system. If you find that there is a problem caused by removing it, you have the copy on the CD and can reinstall it. However, given that it might be infected, you may not want to put that file back on your system!
Another possibility - make a backup (using the QB backup facility) of your company files, uninstall Pro, scan your system again with AVG, reinstall Pro from the original CD, use automatic updates in Pro to get back to the most current update, rescan with AVG. A lot of steps, but that would be the most secure way of eliminating the problem if you don't want to take a chance on just deleting the cab file.
The cab file is not an executable file itself, so having it just sit there with the infection won't let it spread. However, if you do an operation that pulls information out of the cab file then you have the risk of spreading the infection.
Monday 9:30 eastern time
I just ran AVG and the computer came back clean. I guess this means it was a glitch with AVG and it is repaired. Thank goodness!
My AVG healed the files (12) and I have had no problems since. Both my Pro 2007 and my Getting Started were affected. The cab files and tutorials.exe, base_71.adt-l1 through l6.exe were affected. Looking in the virus vault, the healed files were all tutorials. Hope this helps.
We have worked with AVG and determined that this was a false alarm by the AVG tool.
Please update your AVG tool with the latest virus base (at least 269.10.5.899). If files were moved to AVG Virus Vault, you can restore them.
If you need to restore deleted files from AVG Virus Vault you can do it this way: open AVG Virus Vault (Start -> Programs -> AVG Antivirus -> AVG Virus Vault).
Locate the file that was removed, right click on it and choose "Restore File(s)" option.
Unfortunately, false alarms do appear from time to time in every Anti-Virus software.
Find CCRussell on the map!
