False/positive

[Guest]

[Wacker]

Starting from stracth,  (3.10), & after updating it's now running a system scan. So far it has  found;  "TrojWare.Win32.Trojan.Agent.¬(ID =0x659b9c)  location C:\program Files\Mozilla Firefox\runner 

I ran Ad-Aware the other day as well as running regular scans from AVG but it has never picked this up? Any ideas.

TIA

[commanding the celsius]

I use mozilla firexox myself and have no file/folder there called runner..

What version of Firefox do you use? Mine is 3.5.2.. Perhaps if possible you should send the file to virustotal.com and see what the other scanners thinks about it.. 

[Wacker]

I use mozilla firexox myself and have no file/folder there called runner..

What version of Firefox do you use? Mine is 3.5.2.. Perhaps if possible you should send the file to virustotal.com and see what the other scanners thinks about it.. 

My version is also 3.5.2
It has finished scanning and reported 5 files infected. Here they are;

TrojWare.Win32.Trojan.Agent.~(ID = 0x659b9c) C:\Users\*name\AppData\Local\Temp\Temp1_Runner.zip\Runner\lt-runner.exe
TrojWare.Win32.Trojan.Agent.~(ID = 0x659b9c) C:\Users\*name\Downloads\Runner\Runner\lt-runner.exe
TrojWare.Win32.Trojan.Agent.~(ID = 0x659b9c) C:\Users\*name\Downloads\Runner.zip:Runner/lt-runner.exe
Application.Win32.LeakTest.~LT(ID = 0x90b95f) C:\Program Files\COMODO\COMODO Internet Security\Quarantine\LeakTest.exe:UPX
TrojWare.Win32.Trojan.Agent.~(ID = 0x659b9c) C:\Program Files\Mozilla Firefox\runner

what do you think? delete?? report???

[commanding the celsius]

Sorry for the slow reply..

I think you got a genuine infection.. But I might be wrong.. Quarantine would be my pick.. And if you don't notice any problems with firefox leave the files quarantined..

[Tags:]