Trojan.Agent/Gen-Faldesc

Page 2 of 3 FirstFirst 123 LastLast

  1. 7user78
    Posts : 42
    win7 x64
    Thread Starter
       New #11

    Hello again, ESET report :

    C:\Documents and Settings\All Users\Application Data\Ask\APN-Stub\PTV\Local\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask application
    C:\Documents and Settings\All Users\Ask\APN-Stub\PTV\Local\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask application
    C:\ProgramData\Ask\APN-Stub\PTV\Local\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask application
    C:\Users\All Users\Application Data\Ask\APN-Stub\PTV\Local\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask application
    C:\Users\All Users\Ask\APN-Stub\PTV\Local\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask application
    P:\x64 Applications\KMPlayer v3.3\KMPlayer_3.3.0.33.exe a variant of Win32/Bundled.Toolbar.Ask.C application (?)
    P:\x64 Applications\Winamp 5.63\winamp563_full_emusic-7plus_en-us.exe Win32/OpenCandy application (?)

    Now, These are malware/virus for real or is just an interpretation of the ESET ?
    I asked because, Winamp and KMPlayer are from safe sources (official sites) .

    Should I remove to quarantine/delete all ?
      My Computer
    Quote Quote

  3. cryptoncore
    Posts : 124
    Windows 7 Ultimate x64, Windows 8.1 Pro x64 (on laptop)
       New #12

    They are all bundled tool bars, and open candy is an advertisement plug-in placed in installers by developers, meaning that people can keep applications free. For example, winamp is a free application, it is only free due to opencandy.

    You shouldn't experience any ill effects from having these on your system that being said however, I always remove them from mine.
      My Computer
    Quote Quote

  4. Jacee
    Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       New #13

    Have Eset quarantine and delete the bundled toolbar apps.
      My Computer
    Quote Quote

  6. 7user78
    Posts : 42
    win7 x64
    Thread Starter
       New #14

    Done, delete the bundled toolbar apps.
    I have full scaned again with SAS, ESET, Symantec, no virus/malware founds.

    Now, judging by the reports results , Is there any chance that Trojan.Agent/Gen-Faldesc to be hidden somehow in that PC , Can I consider the problem solved ?
      My Computer
    Quote Quote

  7. Jacee
    Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       New #15

    Download CKScanner by askey127 from HERE
    Important - Save it to your desktop.
    Doubleclick CKScanner.exe and click Search For Files.
    After a very short time, when the cursor hourglass disappears, click Save List To File. It will appear that CKS isn't doing anything...it is, so just be patient!
    A message box will verify the file saved.
    Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
      My Computer
    Quote Quote

  8. 7user78
    Posts : 42
    win7 x64
    Thread Starter
       New #16

    Sure, done .
    LE:
    My concerns , any idea what represent these 2 entries (bl, ph) from attach.txt ?
    ..
    Apple Software Update
    bl
    Bullzip PDF Printer 9.0.0.1437
    .
    .
    .
    PDF Settings CS5
    ph
    Platform
    ...
    Trojan.Agent/Gen-Faldesc Attached Files
    Last edited by 7user78; 02 Jul 2013 at 02:12.
      My Computer
    Quote Quote

  10. Jacee
    Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       New #17

    Download AdWareCleaner AdwCleaner Download
    or from here Téléchargements - Outils de Xplode - AdwCleaner
    to your desktop
    1.Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
    2.Click on Delete button.
    3.Confirm each time with OK.
    4.Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.
    Note: You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

    Next, Uninstall the 'cracked' software.

    Download TFC by Old Timer TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums and save it to your desktop.
    Save any unsaved work. TFC will close ALL open programs including your browser!
    Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
    Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
    Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

    After doing the above, Let's flush the DNS cache and restore MS's Hosts file:
    Copy and paste these lines in Note pad.

    @Echo on
    pushd\windows\system32\drivers\etc
    attrib -h -s -r hosts
    echo 127.0.0.1 localhost>HOSTS
    attrib +r +h +s hosts
    popd
    ipconfig /release
    ipconfig /renew
    ipconfig /flushdns
    netsh winsock reset all
    netsh int ip reset all
    shutdown -r -t 1
    del %0

    Save as flush.bat to your desktop.
    Double click on the flush.bat file to run it.Vista and Windows 7... right click the .bat file and choose to run as Administrator. Your computer will reboot itself.
      My Computer
    Quote Quote

  11. 7user78
    Posts : 42
    win7 x64
    Thread Starter
       New #18

    Thanks, I'll run these apps.Meanwhile I've found some extra infos about above mentioned entries, with Glary utilities :

    name : bl
    Command line : MsiExec.exe /I{2A075BB4-E976-4278-BF3F-E5C6945D84C0}

    name: ph
    Command line : MsiExec.exe /I{185F9795-9663-4F13-9EF9-307A282ADB5A}

    should I remove these 2 bl/ph entries ? anyone knows what are these 2 apps ?

    LE: some details about ph here, (?!).
    LE2: @jacee ,all done
    Trojan.Agent/Gen-Faldesc Attached Files
    Last edited by 7user78; 02 Jul 2013 at 16:39.
      My Computer
    Quote Quote

  12. Jacee
    Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       New #19

    I have no idea what these 2--> bl/ph entries are. They may have something to do with the 'cracked' programs that were installed.
      My Computer
    Quote Quote

  13. 7user78
    Posts : 42
    win7 x64
    Thread Starter
       New #20

    Thanks, I'll try to uninstall these , but first I'll create a system restore point .
    At this point , should I run any other tool in order to see if the Trojan is it still there ?
      My Computer
    Quote Quote

 
Page 2 of 3 FirstFirst 123 LastLast

  Related Discussions
Hello, the title says it all. Few days ago, Malwarebytes Anti-Malware scan encountered a Trojan.Agent.Trace. So I booted to safe mode and removed it. Then I scanned again and 0 threats were detected, so I suppose the trojan has been removed. I also checked the system with Malwarebytes...
Trojan.Agent/Gen-FakeAlert
in System Security

Within the past few days my computer has been freezing which is something that has never happened before. The only solution to the issue was to reboot. Today I decided to do some virus scans. I used avast, then malwarebytes, then superantispyware. Only superantispyware turned up any results. Here's...
Help please. I'm using Malware Bytes and every restart it quarantines this trojan as svchost.exe How can I remove it completely?
Hello, I ran a full system scan with malwarebytes and found this: Registry Keys Detected: 1 HKCU\Software\Microsoft\Windows\CurrentVersion\Run (Trojan.Agent) -> Quarantined and deleted successfully. malwarebytes then prompted me to restart my computer, so I did. I ran the scan after...
Trojan.Agent
in System Security

Hi Everyone - Cannot belive this! Just did a MBam quick scan and found a new item. Can anyone identify it? I removed both items and the computer needed to reboot and now I am unsure how to retrieve the log for your review. Thanks, Sally
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 18:39.
Find Us