Post by muskrat26 on Feb 15, 2010 10:51:39 GMT
Mainly found in :- C:\Documents and Settings\Owner\Local Settings\ Application data\Mozilla\Firefox\Profiles\cykutqaz.default\Cashe\E89CFE77d01
Also in:- Mozilla-cashe-trash Local Settings\Temp\hCHkuROI.exe.part local Settings\Temp\ umpteen different letters and numbers\exe.part
But they all link back to Heur.Suspicious@97678203, and I kept getting warning messages last night, and I see today that this was found and quarantined by Comodo 41 times yesterday.
I did a scan and Comodo found nothing, but looking at my logs this item crops up many times a day and Comodo quarantines it. I now have hundreds of these records in my log. So is there a problem with Firefox or is it my problem, and how can I actually remove this malware?
I did run Malwarebytes and it found nothing, so is this a false positive? If it is, then I don't understand why Comodo keeps flashing up an alert on my screen, "virus found". I have not seen Firefox update, and I have not added anything to Firefox since 4 months ago.
I did a Google search of the details but nothing has come up. Obviously Comodo is doing its job, but I could have a better life without browsing my normal haunts and seeing Comodo's warning messages coming up like Morse code.
Can anyone help me clear this little pest?
Post by ken on Feb 15, 2010 17:09:41 GMT
As long as you have remembered to update MBAM, I can only suggest it's not finding it as Comodo has quarantined it, Von. I presume you have installed the whole Comodo suite, and I only run the firewall part along with Avast on my laptop. I've never run the whole thing, so I don't know how it works. If you view the quarantine, doesn't it give you the option to delete it, or release it? I don't understand it if it won't. If it's a Trojan it possibly can't fix it, but then MBAM should find it. Try running MBAM in Safe Mode, that's all I can suggest at the moment.
Post by ken on Feb 15, 2010 17:11:24 GMT
PS: Remember to update MBAM before going into Safe Mode.
Post by mikkh on Feb 16, 2010 1:30:17 GMT
'heur' is probably short for heuristic - an algorithm-based guess, basically. It's saying it could be a virus, not that it definitely is, so I suppose you could call it a false positive. A lot of security software uses heuristics to try and second-guess where the next threat is coming from.
Delete the Firefox cache and delete the temp files and you should be OK
Run.... as a command
%temp%
That should bring up a window with all the temp junk in it - delete the lot
Some might not want to go because they are in use (daily temp files from security programs mostly)
I usually press CTRL+A to pick everything, press the delete key, then wait to see what reports to be in use, then holding down the CTRL key I de-select the mentioned file by clicking it with the mouse and press the delete key again - repeat if necessary, there shouldn't be more than 2 or 3 files 'in use'.
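
An added example, not part of the original thread: before emptying %temp% and the Firefox cache as described above, this PowerShell script records which files there are partial downloads or actually start with a Windows executable header, with their SHA-256 and write time, so the entries can be matched against the antivirus log afterwards. Assumptions: PowerShell 4.0 or later, a Windows version that sets `LOCALAPPDATA`, and the helper name `Test-PEHeader`, which is made up for this example.

```powershell
# Added example: inventory executable-looking files in temp and the Firefox
# cache before deleting them. Assumes PowerShell 4.0+ (Get-FileHash).
$roots = @(
    $env:TEMP,
    (Join-Path $env:LOCALAPPDATA 'Mozilla\Firefox\Profiles')
) | Where-Object { $_ -and (Test-Path $_) }

function Test-PEHeader {   # hypothetical helper name
    param([string]$Path)
    # Windows executables begin with the two bytes 'M','Z' (0x4D 0x5A),
    # whatever the file is called (cache entries have no .exe extension).
    $stream = [System.IO.File]::Open($Path, 'Open', 'Read', 'ReadWrite')
    try {
        $buf  = New-Object byte[] 2
        $read = $stream.Read($buf, 0, 2)
        return ($read -eq 2 -and $buf[0] -eq 0x4D -and $buf[1] -eq 0x5A)
    } finally {
        $stream.Dispose()
    }
}

$files  = Get-ChildItem -Path $roots -Recurse -File -Force -ErrorAction SilentlyContinue
$report = foreach ($file in $files) {
    try {
        $isPE = Test-PEHeader -Path $file.FullName
        # Keep only partial downloads and anything with an executable header.
        if (-not $isPE -and $file.Name -notlike '*.part') { continue }
        [pscustomobject]@{
            LastWrite = $file.LastWriteTime
            SizeBytes = $file.Length
            IsPE      = $isPE
            SHA256    = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256 -ErrorAction Stop).Hash
            Path      = $file.FullName
        }
    } catch {
        # Files that are locked ("in use") are listed rather than skipped.
        [pscustomobject]@{
            LastWrite = $file.LastWriteTime; SizeBytes = $file.Length
            IsPE = $null; SHA256 = 'in use / unreadable'; Path = $file.FullName
        }
    }
}
$report | Sort-Object LastWrite | Format-Table -AutoSize -Wrap
```

The script only reads files; a row with `IsPE` true and a write time that matches a quarantine entry shows which download the alert refers to.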
Post by muskrat26 on Feb 16, 2010 9:10:39 GMT
OK - cache cleared and temp files cleared. I'll keep an eye on Comodo over the next few days and see whether I still am finding Comodo has quarantined this same baby.