Mozilla Firefox Security Update

Malware detection, cleaning and prevention

Mozilla Firefox Security Update

Postby John Baird on Fri Nov 12, 2010 12:43 pm

On two occassions I have received a pop up panel requesting the installation of a security update for Firefox. After installation Spybot detects a Trojan kind TrojansC-05 called Win32.Agent.wu located in c:\windows\system32\updater.exe. The file properties look authentic.
I have removed this file using Spybot Fix.
Also neither Adaware or Avast detect this file/Trojan.
Any comments on the authenticity of this file would be appreciated.
John Baird
Posts: 40
Joined: Fri Sep 23, 2005 11:36 am

Re: Mozilla Firefox Security Update

Postby LarryK on Fri Nov 12, 2010 6:27 pm

I googled this ... 2147343220

Could be a new variant, they tend to do that.

Best you do a full AV scan, Malware scan etc, and see what turns up.

Re: Mozilla Firefox Security Update

Postby CoreyPlover on Sat Nov 13, 2010 9:03 pm

Based on the Spybot detection and the various links upon searching for Win32.Agent.wu and "windows/system32/updater.exe" I'd be pretty confident this is an infected file.

If you ever have files that you are unsure of whether they are an infected piece of malware, or a genuine system file, you should rename its extension (say, to ".old" or ".tmp") and move it to a temporary directory. That way, if it turns out to be a necessary piece of software, you can easily restore it. If not, you can delete it.

MalwareBytes is my preferred malware scanner; seems very effective at detecting newer variants of malware.
I am a volunteer moderator and not an Exetel staff member. As with all forum posts, mine do not constitute any "official" Exetel position. Support tickets may be logged via or
User avatar
Volunteer Site Admin
Posts: 7075
Joined: Sat Nov 04, 2006 2:24 pm
Location: Melbourne, VIC

Return to Virus / spam / spyware issues

Who is online

Users browsing this forum: No registered users and 1 guest