Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Threat/Malware/Hack/?

21 Jul 2012   #1

Windows 7 Ultimate x64

Hello Win7 ,
I also belong to the Vista forums same user name/Have 3 systems-
Vista Home premium 32bit/Win7 home 32bit/& this one Win 7 Ultimate-64bit/
& I work for A AV company lol-

My AV recently found this .exe/threat after I had reinstalled windows(Vista to Win7 Ultimate) A 2005 system found to have the first split core /3.65/64bit/HP Pasario-
FIle: ( C:\Windows\Setup\scripts\faXcooL.exe ) Vaulted
Has anyone else seen this?
done some research found to to be a form of Malware (?Trojan) but not rootkit-or Dropper-

Any thoughts?

Sixwheeler :)

My System SpecsSystem Spec
21 Jul 2012   #2

Windows 8.1 Pro x64

Hey sixwheeler2011,

If you are worried about it being a virus or something give this a go:

Do a full scan of your system using: Microsoft Security Essentials - Free Antivirus for Windows

Afterwards: Malwarebytes : Free anti-malware download

If nothing pops up for both of those,

try: Windows Defender Offline

This is what I found on the file:
faxcool.exe Info - Fix faxcool.exe Errors
My System SpecsSystem Spec
21 Jul 2012   #3

Windows 7 Ultimate x64


I don't use MSE, to many holes.I was just wondering if anybody had any more ideas of this(Installed programs) being shown as a threat etc.
My Av has already taken care of it just was asking what it might belong to.
My System SpecsSystem Spec

21 Jul 2012   #4

W7, W8.1

google it.

It only came up with faXcool.exe that had the Wpakill.B hacktool. A few searches on the internet and I found that it actually comes pre-loaded on a few torrented copies of win7 as a means to bypass activation
Windows 7 Ultimate install... Something fishy's going on...

faXcooL.exe is a Hack tool used for disabling Windows Genuine Advantage Checks
AVG Found "faxcool.exe Hacktool" And Deleted It , Should I Be Worried? - security - windows-7
My System SpecsSystem Spec
21 Jul 2012   #5
Microsoft MVP

Windows 7 Ult. x64

Hi SixWheeler,

I have read that faxcool is a hack to bypass Windows Genuine Advantage checks. I recommend running the steps in this tutorial, and then post the results back here:

Windows Genuine and Activation Issue Posting Instructions

My System SpecsSystem Spec


Thread Tools

Similar help and support threads
Thread Forum
Microsoft: 'TaterF' Worm Top Malware Threat So Far This
GENERAL CYBER/ELECTRONIC CRIME Malicious Software Removal Tool (MSRT)…has detected two new fake antivirus threats…. The latest statistics come on the heels of Microsoft's recently published Security Intelligence Report, which found worms jumped 98.4 percent to the number two threat, behind...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 00:29.
Twitter Facebook Google+