Trojan:W32/Agent.ARKD attempts to connect to a remote host and download an additional malicious file onto the infected system.
For more general information on disinfection, please see Removal Instructions.
The associated detections Trojan.Agent.ARKD and Trojan.Generic.5594507 both triggered on a DLL file named setup50045.fon, which was associated with a malware attack.
Upon execution, setup50045.fon drops a copy of itself in the following directory:
It will then set itself as a launch point service by setting the following values in the registry:
Once installed, the malware attempts to establish connection with the following remote hosts:
It downloads a malicious executable file from the link below:
The downloaded executable is detected as Trojan.Agent.ARKE.
Date Created: -
Date Last Modified: -