搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

On application run of Firefox my firewall blocks access to "mirror.mirror-files.com/tnt2/10252/FindWide_16.ico" and flags it as a 'Mal/HTMLGen-A' threat.

  • 1 个回答
  • 1 人有此问题
  • 1 次查看
  • 最后回复者为 BillyBoof

more options

I'm running Sophos Endpoint Protection on my PC and have 2 android devices synced to firefox. Also have LastPass on the PC. I recently installed and then very quickly uninstalled open office (due to adverts from Yula), following that uninstall I used ccleaner to tidy up the registry etc. Need your help with the process of elimination, if its a genuine firefox function then I'll open it up otherwise its time to hunt waskally waabits!

Below is the antivirus log for today (when the issue arose): 20140627 010456 Blocked web request to "mirror.mirror-files.com/tnt2/10252/FindWide_16.ico" for user Bane_2\BillyBoof. 'Mal/HTMLGen-A' has been found at this website, reference ID 124416537. 20140627 011044 Blocked web request to "mirror.mirror-files.com/tnt2/10252/FindWide_16.ico" for user Bane_2\BillyBoof. 'Mal/HTMLGen-A' has been found at this website, reference ID 124416537.

Firewall log (extract): 09:10:45 firefox.exe OUT TCP localhost 49511 IM outbound client connection (TCP) 09:10:44 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP) 09:10:44 system OUT TCP 157.56.141.114 HTTPS Browser HTTPS connection 09:10:44 firefox.exe OUT TCP 184.86.223.112 HTTP Browser HTTP connection 09:10:44 firefox.exe IN TCP localhost 49500 Localhost Connection 09:10:44 firefox.exe OUT TCP localhost 49499 IM outbound client connection (TCP) 09:10:41 svchost.exe OUT TCP 157.56.141.114 HTTPS IM outbound client connection (TCP) 09:04:57 firefox.exe IN TCP localhost 49309 Localhost Connection 09:04:56 firefox.exe IN TCP localhost 49290 Localhost Connection 09:04:56 firefox.exe OUT TCP localhost 49289 IM outbound client connection (TCP) 09:04:56 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP) 09:04:56 firefox.exe OUT TCP 98.137.250.95 HTTPS Browser HTTPS connection 09:04:56 firefox.exe IN TCP localhost 49296 Localhost Connection 09:04:56 firefox.exe OUT TCP localhost 49295 IM outbound client connection (TCP) 09:04:56 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP) 09:04:56 firefox.exe OUT TCP localhost 9050 IM outbound client connection (TCP) 09:04:56 firefox.exe IN TCP localhost 49293 Localhost Connection 09:04:56 firefox.exe OUT TCP localhost 49292 IM outbound client connection (TCP) 09:04:56 firefox.exe OUT TCP 184.86.223.121 HTTP Browser HTTPS connection 09:04:55 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP)

I'm running Sophos Endpoint Protection on my PC and have 2 android devices synced to firefox. Also have LastPass on the PC. I recently installed and then very quickly uninstalled open office (due to adverts from Yula), following that uninstall I used ccleaner to tidy up the registry etc. Need your help with the process of elimination, if its a genuine firefox function then I'll open it up otherwise its time to hunt waskally waabits! Below is the antivirus log for today (when the issue arose): 20140627 010456 Blocked web request to "mirror.mirror-files.com/tnt2/10252/FindWide_16.ico" for user Bane_2\BillyBoof. 'Mal/HTMLGen-A' has been found at this website, reference ID 124416537. 20140627 011044 Blocked web request to "mirror.mirror-files.com/tnt2/10252/FindWide_16.ico" for user Bane_2\BillyBoof. 'Mal/HTMLGen-A' has been found at this website, reference ID 124416537. Firewall log (extract): 09:10:45 firefox.exe OUT TCP localhost 49511 IM outbound client connection (TCP) 09:10:44 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP) 09:10:44 system OUT TCP 157.56.141.114 HTTPS Browser HTTPS connection 09:10:44 firefox.exe OUT TCP 184.86.223.112 HTTP Browser HTTP connection 09:10:44 firefox.exe IN TCP localhost 49500 Localhost Connection 09:10:44 firefox.exe OUT TCP localhost 49499 IM outbound client connection (TCP) 09:10:41 svchost.exe OUT TCP 157.56.141.114 HTTPS IM outbound client connection (TCP) 09:04:57 firefox.exe IN TCP localhost 49309 Localhost Connection 09:04:56 firefox.exe IN TCP localhost 49290 Localhost Connection 09:04:56 firefox.exe OUT TCP localhost 49289 IM outbound client connection (TCP) 09:04:56 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP) 09:04:56 firefox.exe OUT TCP 98.137.250.95 HTTPS Browser HTTPS connection 09:04:56 firefox.exe IN TCP localhost 49296 Localhost Connection 09:04:56 firefox.exe OUT TCP localhost 49295 IM outbound client connection (TCP) 09:04:56 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP) 09:04:56 firefox.exe OUT TCP localhost 9050 IM outbound client connection (TCP) 09:04:56 firefox.exe IN TCP localhost 49293 Localhost Connection 09:04:56 firefox.exe OUT TCP localhost 49292 IM outbound client connection (TCP) 09:04:56 firefox.exe OUT TCP 184.86.223.121 HTTP Browser HTTPS connection 09:04:55 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP)

所有回复 (1)

more options

Not sure why the times on the antivirus log have skewed, here's the screenshot http://imgur.com/pNTI1Qq