Beware of this Trojan-Agent-Iconforamazon.exe

Started Mar 27, 2013 | Discussions
3dreal Senior Member • Posts: 2,271
Beware of this Trojan-Agent-Iconforamazon.exe



I had found it on my desktop and deleted it. It was only after that when Firefox started crashing all the time lately(i never had this over all the years).

Non of these scanners found it but Superantispyware did.

Its the scanner which has always found what others did not.

Microsoft Security Essentials,





None of these found it.

it was found in a second non-used old account.

I have that trojan seperated and will now scan it by special scanners.

If i were you i would keep systempartition with applications only small(my winxp is 34gb) and backup it up onto a second drive e.g. esata external or internal if not possible. Not usb or firewire, they are slow. It takes multiple hours.

-- hide signature --

Jim Cockfield Forum Pro • Posts: 16,342
use before installing any software

I'd suggest always uploading anything you want to install to

It scans using over 40 Different AV products and reports the results.

Of course, even if *all* of them say a program is clean, that doesn't mean it's not really malware; and sometimes brand new malware is undetected by all major scanners. 

But, it's going to catch most of it.

So, it's a good idea to use an AV product that blocks any suspicious behavior from an application by default, requiring your OK before a program can proceed.

Comodo Internet Security is good about that kind of thing   But, because they are using what I consider to be unscrupulous tactics try and get unsuspecting users to get help via their GeekBuddy service for vague problems, I will no longer recommend them.

I'm in the process of evaluating new AV protection now to replace Comodo, and I'll probably end up using something like Emisoft Anti-Malware in conjunction with other products for extra layers of protection.

For example, you may also want to consider using something like the free version of ThreatFire in conjunction with your AV protection of choice for an added layer of protection (it's uses heuristics only to block suspicious behavior).  I used Threatfire in conjunction with Avira AntiVir Premium and Comodo Firewall for a long time.  Sometimes the alerts were redundant (where more than one AV product required me to OK a program's suspicious behavior).  But, I'd rather have the extra alerts than risk malware getting through.

I'd also make sure to run using a non Admin account.   That's easy if using Vista or newer versions of Windows like Win 7.  Basically, click on your start button and type in Standard User Account into the search box and you'll see a link to set one up.  Running under an Account without Admin permissions decreases the chance of malware installing without your knowledge.

-- hide signature --


OP 3dreal Senior Member • Posts: 2,271
Re: use before installing any software-BEWARE pesfdisk.exe

Good hints, thanks. I think at there is a link to an AV-comparison-site. The same has been reported about comodo.

Yes i am using a restricted account normally. Maybe its better installing all programs-if possible from there.

I dont know if its good to add this here or open a new thread. Its about Firefox which started crashing abou 14 days ago.

Exactly at this date this suspicious file had been installed in SYSTEM32-directory.


Important: Superantispyware and  processexplorer have found it!

sasw is my favorite scanner, with highest success-rate.

More updates about this file will follow.

at windows\pchealth a userdumps-file had been found 6 days later. will ask in whats all about this. exact name will follow, is on the other drive.

will now try to find out what i was doing on the installation date.

-- hide signature --

OP 3dreal Senior Member • Posts: 2,271
Re:BEWARE OF pesfdisk.exe

found here

WINDOWS\pchealth\ERRORREP\UserDumps\pesfdisk.ex...... 17.3.2013
HDMP-DATEI 17.03.2013

since this happened just when Firefox started crashing all the time i had to inform about this here beside that trojan. Maybe related. Pity i didnt check at what date i received the iconforamazon.exe.

-- hide signature --

OP 3dreal Senior Member • Posts: 2,271
Re:BEWARE OF pesfdisk.exe

Is a serious danger. I must replace my systempartion by an older backup or even "flat" my whole drive.

I know from where i received that file. It seem not related. 6 weeks ago i had an attack towards my Firefox masterpassword. was blocked! Maybe everything is related. so only a clean reinstall will help.

I was told at camp-firefox(german) it could be a backdoor-trojan. has it listed, seek for europanorama(me).

-- hide signature --

OP 3dreal Senior Member • Posts: 2,271
Re:BEWARE of pesfdisk.exe-Firefox crashes very frequently

1. first was an attack against my Firefox-Masterpassword. It was blocked.

2. Then Firefox crashed all the times. more frequent than ever before. Beforehand it hardly crashed.

thats why the people of campfirefox and german) said my system is seriously infected. But i wanted to see it. Thats why i remember this german site:

The very first program-STINGER- showed these "SUPERHIDDEN" backdoors trojans. They are in Chrome among a second location.

here is the mentioned comparison site about free onlinescanners:

-- hide signature --

Keyboard shortcuts:
FForum MMy threads