Windows 7 Forums



Windows 7: Trojan.Agent/Gen-Faldesc

01 Jul 2013   #11
7user78

win7 x64
 
 

Hello again, ESET report:

C:\Documents and Settings\All Users\Application Data\Ask\APN-Stub\PTV\Local\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask application
C:\Documents and Settings\All Users\Ask\APN-Stub\PTV\Local\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask application
C:\ProgramData\Ask\APN-Stub\PTV\Local\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\All Users\Application Data\Ask\APN-Stub\PTV\Local\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\All Users\Ask\APN-Stub\PTV\Local\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask application
P:\x64 Applications\KMPlayer v3.3\KMPlayer_3.3.0.33.exe a variant of Win32/Bundled.Toolbar.Ask.C application (?)
P:\x64 Applications\Winamp 5.63\winamp563_full_emusic-7plus_en-us.exe Win32/OpenCandy application (?)

Now, are these real malware/viruses, or is this just ESET's interpretation?
I ask because Winamp and KMPlayer are from safe sources (official sites).

Should I quarantine/delete them all?


01 Jul 2013   #12
cryptoncore

Windows 7 Ultimate x64, Windows 8.1 Pro x64 (on laptop)
 
 

They are all bundled toolbars, and OpenCandy is an advertisement plug-in placed in installers by developers, meaning that people can keep applications free. For example, Winamp is a free application; it is only free due to OpenCandy.

You shouldn't experience any ill effects from having these on your system. That being said, however, I always remove them from mine.
01 Jul 2013   #13
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Have ESET quarantine and delete the bundled toolbar apps.

01 Jul 2013   #14
7user78

win7 x64
 
 

Done, deleted the bundled toolbar apps.
I have run full scans again with SAS, ESET and Symantec; no viruses/malware found.

Now, judging by the report results, is there any chance that Trojan.Agent/Gen-Faldesc is hidden somehow on that PC? Can I consider the problem solved?
01 Jul 2013   #15
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Download CKScanner by askey127 from HERE
Important - Save it to your desktop.
Double-click CKScanner.exe and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File. It will appear that CKS isn't doing anything...it is, so just be patient!
A message box will verify the file saved.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
01 Jul 2013   #16
7user78

win7 x64
 
 

Sure, done.
LE:
My concern: any idea what these 2 entries (bl, ph) from attach.txt represent?
..
Apple Software Update
bl
Bullzip PDF Printer 9.0.0.1437
.
.
.
PDF Settings CS5
ph
Platform
...


Attached Files
File Type: txt ckfiles.txt (6.0 KB, 9 views)
File Type: zip attach.zip (2.6 KB, 5 views)
02 Jul 2013   #17
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Download AdWareCleaner (AdwCleaner Download)
or from here (Téléchargements - Outils de Xplode - AdwCleaner)
to your desktop.
1. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
2. Click on the Delete button.
3. Confirm each time with OK.
4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.
Note: You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

Next, Uninstall the 'cracked' software.

Download TFC by Old Timer (TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums) and save it to your desktop.
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

After doing the above, Let's flush the DNS cache and restore MS's Hosts file:
Copy and paste these lines into Notepad.

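@echo on
REM Go to the folder that holds the HOSTS file
pushd %SystemRoot%\system32\drivers\etc
REM Clear the hidden/system/read-only attributes so the file can be rewritten
attrib -h -s -r hosts
REM Overwrite HOSTS with a single localhost entry (all other entries are discarded)
echo 127.0.0.1 localhost>HOSTS
REM Protect the file again
attrib +r +h +s hosts
popd
REM Renew the IP lease and flush the DNS resolver cache
ipconfig /release
ipconfig /renew
ipconfig /flushdns
REM Reset Winsock and the TCP/IP stack
netsh winsock reset all
netsh int ip reset all
REM Reboot after 1 second, then delete this script
shutdown -r -t 1
del %0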


Save as flush.bat to your desktop.
Double-click on the flush.bat file to run it. Vista and Windows 7... right-click the .bat file and choose to run as Administrator. Your computer will reboot itself.
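The flush.bat script above replaces the HOSTS file outright, so whatever redirects it contained are gone afterwards. The following is an added example, not part of the original post, that saves a copy and lists every active mapping other than localhost before the reset; the backup file name is an assumption of this example.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell prompt
# BEFORE running flush.bat. Works on the PowerShell 2.0 that ships with Windows 7.
$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'

# Keep a copy for later review; this backup name is hypothetical.
$backup = Join-Path $env:USERPROFILE 'Desktop\hosts.before-reset.txt'

# -Force lets the read succeed even if the file carries hidden/system attributes.
$lines = Get-Content -LiteralPath $hostsPath -Force
$lines | Set-Content -LiteralPath $backup

# Names that are expected in a clean HOSTS file.
$stock = @('localhost')

$lines | ForEach-Object {
    # Drop comments and surrounding whitespace.
    $line = ($_ -replace '#.*$', '').Trim()
    if ($line -eq '') { return }

    # Format is: <address> <name> [<name> ...]
    $fields = $line -split '\s+'
    if ($fields.Count -lt 2) { return }

    foreach ($name in $fields[1..($fields.Count - 1)]) {
        if ($stock -notcontains $name.ToLower()) {
            New-Object PSObject -Property @{ Address = $fields[0]; HostName = $name }
        }
    }
} | Select-Object Address, HostName | Format-Table -AutoSize
```

An empty table means the file held nothing beyond localhost; any rows are the mappings that the reset will discard.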
02 Jul 2013   #18
7user78

win7 x64
 
 

Thanks, I'll run these apps. Meanwhile I've found some extra info about the above-mentioned entries, with Glary Utilities:

name : bl
Command line : MsiExec.exe /I{2A075BB4-E976-4278-BF3F-E5C6945D84C0}

name: ph
Command line : MsiExec.exe /I{185F9795-9663-4F13-9EF9-307A282ADB5A}

Should I remove these 2 bl/ph entries? Does anyone know what these 2 apps are?

LE: some details about ph here (?!).
LE2: @Jacee, all done


Attached Files
File Type: txt AdwCleaner[S2].txt (1.5 KB, 4 views)
File Type: txt AdwCleaner[R5].txt (1.0 KB, 5 views)
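The two command lines in the post above are MSI product codes, and Windows keeps the details of each installed product under its Uninstall registry keys. The following is an added example, not part of the original thread, that looks up both codes quoted in the post and prints the publisher, install source and install date recorded for them.

```powershell
# Added example (not from the thread). Works on PowerShell 2.0 (Windows 7).
# Product codes copied from the MsiExec command lines quoted in the post.
$productCodes = @(
    '{2A075BB4-E976-4278-BF3F-E5C6945D84C0}',   # listed as "bl"
    '{185F9795-9663-4F13-9EF9-307A282ADB5A}'    # listed as "ph"
)

# Uninstall keys: 64-bit view, 32-bit view on x64 systems, and per-user installs.
$roots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall'
)

foreach ($code in $productCodes) {
    $found = $false
    foreach ($root in $roots) {
        $key = Join-Path $root $code
        if (Test-Path -LiteralPath $key) {
            $found = $true
            # InstallSource shows where the package was run from, which helps
            # tie an unlabeled entry to the installer that created it.
            Get-ItemProperty -LiteralPath $key |
                Select-Object @{n='Key';e={$key}}, DisplayName, Publisher,
                              DisplayVersion, InstallDate, InstallSource,
                              InstallLocation, UninstallString |
                Format-List
        }
    }
    if (-not $found) {
        Write-Output "$code : no Uninstall key found"
    }
}
```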
02 Jul 2013   #19
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

I have no idea what these 2--> bl/ph entries are. They may have something to do with the 'cracked' programs that were installed.
02 Jul 2013   #20
7user78

win7 x64
 
 

Thanks, I'll try to uninstall these, but first I'll create a system restore point.
At this point, should I run any other tool in order to see if the Trojan is still there?