Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

On application run of Firefox my firewall blocks access to "mirror.mirror-files.com/tnt2/10252/FindWide_16.ico" and flags it as a 'Mal/HTMLGen-A' threat.

  • 1 svar
  • 1 har dette problemet
  • 1 view
  • Siste svar av BillyBoof

more options

I'm running Sophos Endpoint Protection on my PC and have 2 android devices synced to firefox. Also have LastPass on the PC. I recently installed and then very quickly uninstalled open office (due to adverts from Yula), following that uninstall I used ccleaner to tidy up the registry etc. Need your help with the process of elimination, if its a genuine firefox function then I'll open it up otherwise its time to hunt waskally waabits!

Below is the antivirus log for today (when the issue arose): 20140627 010456 Blocked web request to "mirror.mirror-files.com/tnt2/10252/FindWide_16.ico" for user Bane_2\BillyBoof. 'Mal/HTMLGen-A' has been found at this website, reference ID 124416537. 20140627 011044 Blocked web request to "mirror.mirror-files.com/tnt2/10252/FindWide_16.ico" for user Bane_2\BillyBoof. 'Mal/HTMLGen-A' has been found at this website, reference ID 124416537.

Firewall log (extract): 09:10:45 firefox.exe OUT TCP localhost 49511 IM outbound client connection (TCP) 09:10:44 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP) 09:10:44 system OUT TCP 157.56.141.114 HTTPS Browser HTTPS connection 09:10:44 firefox.exe OUT TCP 184.86.223.112 HTTP Browser HTTP connection 09:10:44 firefox.exe IN TCP localhost 49500 Localhost Connection 09:10:44 firefox.exe OUT TCP localhost 49499 IM outbound client connection (TCP) 09:10:41 svchost.exe OUT TCP 157.56.141.114 HTTPS IM outbound client connection (TCP) 09:04:57 firefox.exe IN TCP localhost 49309 Localhost Connection 09:04:56 firefox.exe IN TCP localhost 49290 Localhost Connection 09:04:56 firefox.exe OUT TCP localhost 49289 IM outbound client connection (TCP) 09:04:56 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP) 09:04:56 firefox.exe OUT TCP 98.137.250.95 HTTPS Browser HTTPS connection 09:04:56 firefox.exe IN TCP localhost 49296 Localhost Connection 09:04:56 firefox.exe OUT TCP localhost 49295 IM outbound client connection (TCP) 09:04:56 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP) 09:04:56 firefox.exe OUT TCP localhost 9050 IM outbound client connection (TCP) 09:04:56 firefox.exe IN TCP localhost 49293 Localhost Connection 09:04:56 firefox.exe OUT TCP localhost 49292 IM outbound client connection (TCP) 09:04:56 firefox.exe OUT TCP 184.86.223.121 HTTP Browser HTTPS connection 09:04:55 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP)

I'm running Sophos Endpoint Protection on my PC and have 2 android devices synced to firefox. Also have LastPass on the PC. I recently installed and then very quickly uninstalled open office (due to adverts from Yula), following that uninstall I used ccleaner to tidy up the registry etc. Need your help with the process of elimination, if its a genuine firefox function then I'll open it up otherwise its time to hunt waskally waabits! Below is the antivirus log for today (when the issue arose): 20140627 010456 Blocked web request to "mirror.mirror-files.com/tnt2/10252/FindWide_16.ico" for user Bane_2\BillyBoof. 'Mal/HTMLGen-A' has been found at this website, reference ID 124416537. 20140627 011044 Blocked web request to "mirror.mirror-files.com/tnt2/10252/FindWide_16.ico" for user Bane_2\BillyBoof. 'Mal/HTMLGen-A' has been found at this website, reference ID 124416537. Firewall log (extract): 09:10:45 firefox.exe OUT TCP localhost 49511 IM outbound client connection (TCP) 09:10:44 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP) 09:10:44 system OUT TCP 157.56.141.114 HTTPS Browser HTTPS connection 09:10:44 firefox.exe OUT TCP 184.86.223.112 HTTP Browser HTTP connection 09:10:44 firefox.exe IN TCP localhost 49500 Localhost Connection 09:10:44 firefox.exe OUT TCP localhost 49499 IM outbound client connection (TCP) 09:10:41 svchost.exe OUT TCP 157.56.141.114 HTTPS IM outbound client connection (TCP) 09:04:57 firefox.exe IN TCP localhost 49309 Localhost Connection 09:04:56 firefox.exe IN TCP localhost 49290 Localhost Connection 09:04:56 firefox.exe OUT TCP localhost 49289 IM outbound client connection (TCP) 09:04:56 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP) 09:04:56 firefox.exe OUT TCP 98.137.250.95 HTTPS Browser HTTPS connection 09:04:56 firefox.exe IN TCP localhost 49296 Localhost Connection 09:04:56 firefox.exe OUT TCP localhost 49295 IM outbound client connection (TCP) 09:04:56 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP) 09:04:56 firefox.exe OUT TCP localhost 9050 IM outbound client connection (TCP) 09:04:56 firefox.exe IN TCP localhost 49293 Localhost Connection 09:04:56 firefox.exe OUT TCP localhost 49292 IM outbound client connection (TCP) 09:04:56 firefox.exe OUT TCP 184.86.223.121 HTTP Browser HTTPS connection 09:04:55 svchost.exe OUT UDP 10.0.0.138 DNS Allow DNS resolving (UDP)

All Replies (1)

more options

Not sure why the times on the antivirus log have skewed, here's the screenshot http://imgur.com/pNTI1Qq