Win32 Salty

http://www.fbmsoftware.com/spyware-net/process/updater_exe/2656/

Seems difficult to find exact info....

http://72.14.235.104/search?q=cache:slxZEfOHu5MJ:www.71office.com/xml/xml.xml+updater.exe+spyware+firefox+win32+salty&hl=en&gl=au&ct=clnk&cd=2

Egad...that didn't help any.....

http://www.badaga.org/forum/viewtopic.php?p=2589

about two-thirds of the way down that page there's an entry about "Win32 salty" ...which is claimed to be a virus... usually sent as an email attachment.

...Perhaps someone's found another way of distributing it.

Erk....looking at the rest of that page it's hard to place much credit on the veracity of that post...

Ah ...guess I should've read the whole page.

I just scanned over it till I found the bit I was looking for.

Oh well, I had the best intentions ...and it's all I could find on the subject. What you said in #1 is true ...hard to find anything about it.

Good luck, Po'

It's a false positive. Go here: http://virusscan.jotti.org/ browse to the updater. exe file on your hard drive and it will scan the file against it's data base. When it's done and it shows nothing, go about worrying about something else.........  

yrag...I scanned it from that link (which uses AVAST as one of it's sources) and it came up clean. I did this after I restored it to it's location from Avasts virus chest.

So, now I'm confused.
avast


site scan




Is it clean now, since it was in the chest (have to ask cause I'm a dumazz)

Was something attached to it?

I found it. It seems it's a bug with avast. (yrag- "False Positive)

I'm posting the Mozilla forum link here for anyone else who uses Avast and runs into this. It seems to be a bug in their last update and can be corrected.
http://forums.mozillazine.org/viewtopic.php?t=437465&highlight=avast+worm

Ah....I'd come across 'updater.exe' having potential issues in the past...but not with the firefox ver ....so it looks like the other ones' history caused the false Pos with firefox's.

Maybe Avast is almost as iffy as Norton...which is famous for false positives...

Maybe Avast is almost as iffy as Norton...which is famous for false positives..

I've been using Avast for about 6 -7 months now, Firefox for longer, and have not encountered this issue/false positives, either....

Nevertheless, thanks for the link, Po', in the event I come across this...

From a site:

This message is notification to let you know that you do not open file attachment with extension file name: exe, pif, scr, bat, zip, doc, txt, HQX, BHX, mim, uu, uue,,, etc. and its size file within 50KB - 181KB because they are dangerous virus. Even though you know that the sender as your friend, your group moderator, the name of yourself or any one who wellkown in the world such as celebrity. Some examples of the attachment, you can see the list below: File-name-attachment -----> Virus name ================ ============ Details.exe -----> Win32/Salty love_me.exe -----> Win32/Salty love_me_now.exe -----> Win32/Salty mssage.scr -----> Worm/Netsky.Q message.zip -----> Worm/Netsky.Q your_document.pif -----> Worm/Netsky.Q details03.zip -----> Worm/Netsky.Q data.txt -----> Worm/Netsky.Q data.zip -----> Worm/Netsky.Q websitefirst01.zip -----> Worm/Netsky.Q bill.zip -----> Worm/Netsky.Q Attachment00.HQX -----> Worm/VB.6.AN Attachment01.BHX -----> Worm/VB.6.AN Video_part.mim -----> Worm/VB.6.AN data.pif -----> Worm/Mytob.AA documen.pif -----> Worm/Mytob.AA document.zip -----> Worm/Mytob.AA doc.scr -----> Worm/Mytob.AA body.zip -----> Worm/Mytob.AA important_info.doc -----> Worm/Mytob.AA readme.zip -----> Worm/Mytob.C text.pif -----> Worm/Mytob.C important_detail.zip -----> Worm/Mytob.IS

BX ...that comes from the site I linked to above. If you read the rest of that page, you'll see that the information there is of a somewhat dubious nature ..as Jafo kindly pointed out.