Because the effect can be destructive, I'll give you the fix before I explain the problem.
If you have any version of SuperAntiSpyware earlier than ver. 4.40:
1. If any earlier version of SuperAntiSpyware reports alerts for a group that includes th name, Trojan.Agent/Gen-CDesc, exit the program, and DO NOT let it attempt to repair them.
2. Run your AV program and any other anti-malware programs, other than SuperAntiSpyware, and back up your system.
3. Uninstall any older version of SuperAntiSpyware, and download and install ver. 4.40.
The story:
Yesterday, a friend phoned with justified panic. He had just run SuperAntiSpyware ver. 4.30 which reported around 3,000 malicious entries as Trojan.Agent/Gen-CDesc[WV-LG] and others with the same name followed by other letters in the brackets. When he clicked to continue and clean the problems, the system said it had to reboot to complete the cleanup. When Windows restarted, many of his programs no longer worked and reported one or more missing files, mostly DLL's.
The good news for him is that it didn't destroy any data files, and if it had, he has been good about backing up his system. I saved his current data files to a flash drive and spent a couple of hours restoring his system from a two week old backup, and when I again ran SuperAntiSpyware, it reported the same problems. This time, I did NOT click to allow it to clean up the problems it found, and when I exited SuperAntiSpyware, everything was still working.
When I got home, I checked my version and found it was ver. 4.30 so I clicked to update it. The download reported the suspected trojan among the updates, and when it was done, it reported that my files were up to date, but when I restarted it, it still showed that the version remained as ver 4.30. I scanned my machine which found no problems.
I then searched Google for "Gen-CDesc" with and without the bracketed extensions and found a lot of reports about it as a trojan. No one reported a confirmed way to remove the trojan, but most reported no destructive activity, just progressively slower performance so I told him to keep working with the system as it was, and I would research the problem further.
One thing I noticed was that the reports that included progam failures also referred to SuperAntiSpyware. I finally found one forum thread where one reply noted that the OP's log file showed an older version of the program and suggested downloading and installing the latest version, ver. 4.40. The OP happily replied that that fixed the problem.
The fix
I downloaded the new version, uninstalled ver. 4.30, installed ver. 4.40 and swept my machine again. As expected, it found no problems, but at least, it appeared to work OK.
Today, I installed ver. 4.40 on my friend's machine and swept it. I had not deleted any files so it was scanning the same files that ver 4.30 reported as infected. This time, it found no problems.
I don't know what specific conditions existed to trigger these false alarms or how widespread they are, but installing ver. 4.40 fixed the problem.
If you have any version of SuperAntiSpyware earlier than ver. 4.40:
1. If any earlier version of SuperAntiSpyware reports alerts for a group that includes th name, Trojan.Agent/Gen-CDesc, exit the program, and DO NOT let it attempt to repair them.
2. Run your AV program and any other anti-malware programs, other than SuperAntiSpyware, and back up your system.
3. Uninstall any older version of SuperAntiSpyware, and download and install ver. 4.40.
The story:
Yesterday, a friend phoned with justified panic. He had just run SuperAntiSpyware ver. 4.30 which reported around 3,000 malicious entries as Trojan.Agent/Gen-CDesc[WV-LG] and others with the same name followed by other letters in the brackets. When he clicked to continue and clean the problems, the system said it had to reboot to complete the cleanup. When Windows restarted, many of his programs no longer worked and reported one or more missing files, mostly DLL's.
The good news for him is that it didn't destroy any data files, and if it had, he has been good about backing up his system. I saved his current data files to a flash drive and spent a couple of hours restoring his system from a two week old backup, and when I again ran SuperAntiSpyware, it reported the same problems. This time, I did NOT click to allow it to clean up the problems it found, and when I exited SuperAntiSpyware, everything was still working.
When I got home, I checked my version and found it was ver. 4.30 so I clicked to update it. The download reported the suspected trojan among the updates, and when it was done, it reported that my files were up to date, but when I restarted it, it still showed that the version remained as ver 4.30. I scanned my machine which found no problems.
I then searched Google for "Gen-CDesc" with and without the bracketed extensions and found a lot of reports about it as a trojan. No one reported a confirmed way to remove the trojan, but most reported no destructive activity, just progressively slower performance so I told him to keep working with the system as it was, and I would research the problem further.
One thing I noticed was that the reports that included progam failures also referred to SuperAntiSpyware. I finally found one forum thread where one reply noted that the OP's log file showed an older version of the program and suggested downloading and installing the latest version, ver. 4.40. The OP happily replied that that fixed the problem.
The fix
I downloaded the new version, uninstalled ver. 4.30, installed ver. 4.40 and swept my machine again. As expected, it found no problems, but at least, it appeared to work OK.
Today, I installed ver. 4.40 on my friend's machine and swept it. I had not deleted any files so it was scanning the same files that ver 4.30 reported as infected. This time, it found no problems.
I don't know what specific conditions existed to trigger these false alarms or how widespread they are, but installing ver. 4.40 fixed the problem.
Last edited:
Facebook
Twitter