found this one in sandboxie, is this for real or just a fp. c:\sandbox\admin\defaultbox\user\current\appdata\local\microsoft\windows\temporary internet files\content.ie5\9cj6dvff\fastdownload[1].exe
Can't really say much from a filename. Got an MD5? In the scan logs, the program logs are at the end and should include the filename for the detection and an MD5. Then a WSA person can peek. Or check on the Webroot Community with the MD5 info and you might get a faster answer. I'd say shout out to Kit (He's helpful), but he'd probably die from overwork if everybody did that. He used to be an escalation engineer but he's QA now and everything he does on the community is on his own time.