Mozilla Firefox Security Update

Malware detection, cleaning and prevention

Mozilla Firefox Security Update

Postby John Baird on Fri Nov 12, 2010 12:43 pm

On two occassions I have received a pop up panel requesting the installation of a security update for Firefox. After installation Spybot detects a Trojan kind TrojansC-05 called Win32.Agent.wu located in c:\windows\system32\updater.exe. The file properties look authentic.
I have removed this file using Spybot Fix.
Also neither Adaware or Avast detect this file/Trojan.
Any comments on the authenticity of this file would be appreciated.
John Baird
 
Posts: 40
Joined: Fri Sep 23, 2005 11:36 am

Re: Mozilla Firefox Security Update

Postby LarryK on Fri Nov 12, 2010 6:27 pm

I googled this

http://www.microsoft.com/security/porta ... 2147343220

Could be a new variant, they tend to do that.

Best you do a full AV scan, Malware scan etc, and see what turns up.
LarryK
 

Re: Mozilla Firefox Security Update

Postby CoreyPlover on Sat Nov 13, 2010 9:03 pm

Based on the Spybot detection and the various links upon searching for Win32.Agent.wu and "windows/system32/updater.exe" I'd be pretty confident this is an infected file.

If you ever have files that you are unsure of whether they are an infected piece of malware, or a genuine system file, you should rename its extension (say, to ".old" or ".tmp") and move it to a temporary directory. That way, if it turns out to be a necessary piece of software, you can easily restore it. If not, you can delete it.

MalwareBytes is my preferred malware scanner; seems very effective at detecting newer variants of malware.
I am a volunteer moderator and not an Exetel staff member. As with all forum posts, mine do not constitute any "official" Exetel position. Support tickets may be logged via https://helpdesk.exetel.com.au or residentialsupport@exetel.com.au
User avatar
CoreyPlover
Volunteer Site Admin
 
Posts: 7075
Joined: Sat Nov 04, 2006 2:24 pm
Location: Melbourne, VIC


Return to Virus / spam / spyware issues

Who is online

Users browsing this forum: No registered users and 1 guest