Welcome to the Australian Ford Forums forum.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and inserts advertising. By joining our free community you will have access to post topics, communicate privately with other members, respond to polls, upload content and access many other special features without post based advertising banners. Registration is simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact us.

Please Note: All new registrations go through a manual approval queue to keep spammers out. This is checked twice each day so there will be a delay before your registration is activated.

Go Back   Australian Ford Forums > General Topics > Ford Forums Central > Site Support

Site Support If something isn't working or you have a suggestion ( a nice one !! ) let us know here.

Reply
 
Thread Tools Display Modes
Old 20-02-2005, 12:22 AM   #1
svo347
AFF's 1st DM.......
 
svo347's Avatar
 
Join Date: Dec 2004
Location: Wha???... There is only 2 states 2 be in.. WA or Drunk..
Posts: 6,200
Default FireFox Virus??

Hey peoples, I seem to have a problem with FireFox & wondering if anyone else has also..
My antivirus program constantly picks up this virus whenever I use FireFox.
It says blocking virus "Exploit.Html.MhtRedir.Gen"
Any clues to what it is?
Its located in firefox profiles blah blah blah..
Thanx
Brett
__________________
FORD GIVING POWER TO THE PEOPLE
Alloy headed 347ci EDXR8
13.21 @107.7mph
Quote:
Originally Posted by zetec
I know what lengths they go to to ensure it's more than just a Ford sticker on the part. Ford doesn't throw it's name on anything for a quick buck.
06 Turbo Terri AWD 6 sp in Neo with stuff i didnt even need, side steps,15.2 inch roof mounted DVD,Pioneer $tezza,Selby 30/18mm swaybars,debunged,100 cpsi Ballistic cat,Plazmaman under battery Cai injectors 14/lb boost,ZF tuned,Xtreme's magic. :
svo347 is offline   Reply With Quote Multi-Quote with this Post
Old 20-02-2005, 12:40 AM   #2
lv619
FF.Com.Au Hardcore
 
lv619's Avatar
 
Join Date: Dec 2004
Posts: 1,521
Default

I assume this is it here:
http://www.viruslist.com/en/viruses/...?virusid=48656

Have you tried getting rid of it through spybot programs or anything?
__________________
Me fail English? That's unpossible.
lv619 is offline   Reply With Quote Multi-Quote with this Post
Old 20-02-2005, 12:49 AM   #3
svo347
AFF's 1st DM.......
 
svo347's Avatar
 
Join Date: Dec 2004
Location: Wha???... There is only 2 states 2 be in.. WA or Drunk..
Posts: 6,200
Default

yes, but keeps returning.
__________________
FORD GIVING POWER TO THE PEOPLE
Alloy headed 347ci EDXR8
13.21 @107.7mph
Quote:
Originally Posted by zetec
I know what lengths they go to to ensure it's more than just a Ford sticker on the part. Ford doesn't throw it's name on anything for a quick buck.
06 Turbo Terri AWD 6 sp in Neo with stuff i didnt even need, side steps,15.2 inch roof mounted DVD,Pioneer $tezza,Selby 30/18mm swaybars,debunged,100 cpsi Ballistic cat,Plazmaman under battery Cai injectors 14/lb boost,ZF tuned,Xtreme's magic. :
svo347 is offline   Reply With Quote Multi-Quote with this Post
Old 21-02-2005, 01:29 PM   #4
XW 393
"WHEEZER" POWERED
 
XW 393's Avatar
 
Join Date: Dec 2004
Location: Western Suburbs, Victoria
Posts: 1,385
Default

Weird, I have no problems with Firefox, yet I hear all sorts of bad things ...........
__________________
FG MK2 XR6 DAILY - BLOWN VE SSV Z SERIES TAILY
XW 393 is offline   Reply With Quote Multi-Quote with this Post
Old 21-02-2005, 01:49 PM   #5
Laminge
Cuban... nothing like it
 
Join Date: Dec 2004
Location: Watching in amusement
Posts: 11,643
Default

Nope no probs that i have seen.

Have you completly removed firefox and deleted all files?
__________________
Quote:
Originally Posted by Laminge
...its amazing how mud sticks to ones shoes, as flies do to the elderly and bottle blondes around fame and fortune...
Laminge is offline   Reply With Quote Multi-Quote with this Post
Old 21-02-2005, 01:52 PM   #6
TIKFD6
Number 5 is alive!
 
TIKFD6's Avatar
 
Join Date: Dec 2004
Location: Melbourne, Vic
Posts: 3,438
Default

No problems on this end either Brett.
__________________
Kerry
Tickford wings are for Tickford cars!

"Experimental Racer" #6
1994 Gunmetal XG XR6 1997-1999
[B][COLOR=Red] 1994 Le Mans Red ED
2008 MA XR5 Mondeo

2015 VOLVO V60 T6 R-DESIGN-POLESTAR Enhanced



TIKFD6 is offline   Reply With Quote Multi-Quote with this Post
Old 21-02-2005, 02:02 PM   #7
The MaDDeSTMaN
No longer driving a Ford.
 
The MaDDeSTMaN's Avatar
 
Join Date: Dec 2004
Location: Melbourne, Victoria
Posts: 2,969
Default

No problems here either.

Sounds like there is something in your FireFox folder that your antivirus program doesn't like, but it could very well be harmless.

If you could tell us the exact file and where it is located (for example, C:\Program Files\Mozilla Firefox\defaults\profile\bookmarks.html), we might be able to shed some more light on what is going on.
__________________
Quote:
Originally Posted by russellw
For those who get their jollies attacking other people let me remind you that we will not tolerate this here. If you want to do that then I am sure your presence would be welcomed elsewhere.
The MaDDeSTMaN is offline   Reply With Quote Multi-Quote with this Post
Old 21-02-2005, 03:09 PM   #8
MotherNatureVer2
FF.Com.Au Hardcore
 
Join Date: Jan 2005
Posts: 5,165
Default

I have no problems at all either ....... I know I know jack about computers but wuld it be possible that this virus has just attached itself to firefox & isnt part of it .... if that makes any sence :P
MotherNatureVer2 is offline   Reply With Quote Multi-Quote with this Post
Old 21-02-2005, 03:53 PM   #9
M14A-Mclaren
Foo Fighter
 
M14A-Mclaren's Avatar
 
Join Date: Jan 2005
Location: Wellington, NZ
Posts: 3,740
Default

I would say export your bookmarks, Delete your profile(Start>Run "firefox.exe -profilemanager") and make a new one, import your bookmarks again. You''ll have to reinstall any extensions you had as well
M14A-Mclaren is offline   Reply With Quote Multi-Quote with this Post
Old 21-02-2005, 08:41 PM   #10
svo347
AFF's 1st DM.......
 
svo347's Avatar
 
Join Date: Dec 2004
Location: Wha???... There is only 2 states 2 be in.. WA or Drunk..
Posts: 6,200
Default

Ok as it reads.....
c:\documents and settings\brett\applicationdata\mozilla\firefox\pro files\57gjnbiq.defaultuser\cache\90d74818d01
Infected with Exploit.Html.MhtRedir.Gen
Anybody??
Tried to uninstall firefox, restarted & re downloaded firefox to no avail.
__________________
FORD GIVING POWER TO THE PEOPLE
Alloy headed 347ci EDXR8
13.21 @107.7mph
Quote:
Originally Posted by zetec
I know what lengths they go to to ensure it's more than just a Ford sticker on the part. Ford doesn't throw it's name on anything for a quick buck.
06 Turbo Terri AWD 6 sp in Neo with stuff i didnt even need, side steps,15.2 inch roof mounted DVD,Pioneer $tezza,Selby 30/18mm swaybars,debunged,100 cpsi Ballistic cat,Plazmaman under battery Cai injectors 14/lb boost,ZF tuned,Xtreme's magic. :
svo347 is offline   Reply With Quote Multi-Quote with this Post
Old 21-02-2005, 08:48 PM   #11
RED_EL_XR8
Banned
 
RED_EL_XR8's Avatar
 
Join Date: Dec 2004
Location: Not suffering Fools Gladly!!
Posts: 2,864
Default

Quote:
Originally Posted by The MaDDeSTMaN
No problems here either.

Sounds like there is something in your FireFox folder that your antivirus program doesn't like, but it could very well be harmless.

If you could tell us the exact file and where it is located (for example, C:\Program Files\Mozilla Firefox\defaults\profile\bookmarks.html), we might be able to shed some more light on what is going on.
Your right on the money there. The file you virus scanner dislikes (but does not recognise or know how to fix) in in the cache. I dont think you'll find firefox is infected or your computer, your virus scanner is diabling but doesn't know how to kill it. Load all the updates to your virus scanner program and write down every error message, odds on you have something new which will be added to the definitions in a day or so.

Persistance!
RED_EL_XR8 is offline   Reply With Quote Multi-Quote with this Post
Old 21-02-2005, 08:55 PM   #12
Sprint_ED
FF.Com.Au Hardcore
 
Sprint_ED's Avatar
 
Join Date: Jan 2005
Location: Werribee, Victoria
Posts: 1,141
Default

try going to www.symantec.com anr download the Exploit.Html.MhtRedir.Gen removal tool, it will not only get rid of the virus but remove all other assiciated files from ur pc
__________________
RIDE: Cobalt blue XR8 Sprint
MODS:Lowered, Paceys, Twin 2.25'' Exhaust By Hallam Exhaust, AFR 165's, Crane 2031 Cam, E-Series Edit, 180 RWKW
TUNED BY BLUEPOWER RACING DEVELOPMENTS 13.79 @ 102 Mph
Sprint_ED is offline   Reply With Quote Multi-Quote with this Post
Old 21-02-2005, 09:03 PM   #13
Laminge
Cuban... nothing like it
 
Join Date: Dec 2004
Location: Watching in amusement
Posts: 11,643
Default

when you removed firefox did you delete the cache or any directories left over.

Unistall firefox, delete any files from c:\documents and settings\brett\applicationdata\mozilla onwards
__________________
Quote:
Originally Posted by Laminge
...its amazing how mud sticks to ones shoes, as flies do to the elderly and bottle blondes around fame and fortune...
Laminge is offline   Reply With Quote Multi-Quote with this Post
Old 21-02-2005, 09:04 PM   #14
svo347
AFF's 1st DM.......
 
svo347's Avatar
 
Join Date: Dec 2004
Location: Wha???... There is only 2 states 2 be in.. WA or Drunk..
Posts: 6,200
Default

thanx pal.. Muchly appreciated!!!!!
__________________
FORD GIVING POWER TO THE PEOPLE
Alloy headed 347ci EDXR8
13.21 @107.7mph
Quote:
Originally Posted by zetec
I know what lengths they go to to ensure it's more than just a Ford sticker on the part. Ford doesn't throw it's name on anything for a quick buck.
06 Turbo Terri AWD 6 sp in Neo with stuff i didnt even need, side steps,15.2 inch roof mounted DVD,Pioneer $tezza,Selby 30/18mm swaybars,debunged,100 cpsi Ballistic cat,Plazmaman under battery Cai injectors 14/lb boost,ZF tuned,Xtreme's magic. :
svo347 is offline   Reply With Quote Multi-Quote with this Post
Old 21-02-2005, 09:23 PM   #15
Quasi
Boss 290 BA GT Goodness
 
Quasi's Avatar
 
Join Date: Jan 2005
Location: Canberra, Australia
Posts: 2,479
Default

Quote:
Originally Posted by Laminge
Have you completly removed firefox and deleted all files?


Now there's a good idea
__________________
Quote:
Originally Posted by Barry Sheene on a V8 Supercar telecast
Welcome to beautiful Phillip Island.....gateway to hypothermia
The Toy - 03 BA GT In 'Venom', Silver BF Stripe Kit, Non-Premium Sound, Cloth Trim, Auto, 19" Staggered Vertini, Custom Exhaust, Roof DVD

Member of the FPV & XR Owners Club of ACT

Web Links To Check Out

Shannons Club Garage

Facebook Photo Albums
Quasi is offline   Reply With Quote Multi-Quote with this Post
Old 21-02-2005, 09:26 PM   #16
svo347
AFF's 1st DM.......
 
svo347's Avatar
 
Join Date: Dec 2004
Location: Wha???... There is only 2 states 2 be in.. WA or Drunk..
Posts: 6,200
Default

Quote:
Originally Posted by Quasi
Now there's a good idea
Yes I thought so when i tried to get rid of it the FIRST Time...
__________________
FORD GIVING POWER TO THE PEOPLE
Alloy headed 347ci EDXR8
13.21 @107.7mph
Quote:
Originally Posted by zetec
I know what lengths they go to to ensure it's more than just a Ford sticker on the part. Ford doesn't throw it's name on anything for a quick buck.
06 Turbo Terri AWD 6 sp in Neo with stuff i didnt even need, side steps,15.2 inch roof mounted DVD,Pioneer $tezza,Selby 30/18mm swaybars,debunged,100 cpsi Ballistic cat,Plazmaman under battery Cai injectors 14/lb boost,ZF tuned,Xtreme's magic. :
svo347 is offline   Reply With Quote Multi-Quote with this Post
Old 21-02-2005, 11:08 PM   #17
svo347
AFF's 1st DM.......
 
svo347's Avatar
 
Join Date: Dec 2004
Location: Wha???... There is only 2 states 2 be in.. WA or Drunk..
Posts: 6,200
Default

Ok got the b@$t@rd... Found i had to "Manually Delete" the file.
Whenever i went to uninstall the comp asked if i wanted to delete all relevant files but constantly missed one folder/file.
Thankyou for your help people.
Muchly Appreciated.
Now back to uninterupted surf'n..
__________________
FORD GIVING POWER TO THE PEOPLE
Alloy headed 347ci EDXR8
13.21 @107.7mph
Quote:
Originally Posted by zetec
I know what lengths they go to to ensure it's more than just a Ford sticker on the part. Ford doesn't throw it's name on anything for a quick buck.
06 Turbo Terri AWD 6 sp in Neo with stuff i didnt even need, side steps,15.2 inch roof mounted DVD,Pioneer $tezza,Selby 30/18mm swaybars,debunged,100 cpsi Ballistic cat,Plazmaman under battery Cai injectors 14/lb boost,ZF tuned,Xtreme's magic. :
svo347 is offline   Reply With Quote Multi-Quote with this Post
Old 21-02-2005, 11:54 PM   #18
svo347
AFF's 1st DM.......
 
svo347's Avatar
 
Join Date: Dec 2004
Location: Wha???... There is only 2 states 2 be in.. WA or Drunk..
Posts: 6,200
Default

Scratch that... Its back bloody thing.
Look like ill be re formatting h/drive tomorrow.
Bugga.
__________________
FORD GIVING POWER TO THE PEOPLE
Alloy headed 347ci EDXR8
13.21 @107.7mph
Quote:
Originally Posted by zetec
I know what lengths they go to to ensure it's more than just a Ford sticker on the part. Ford doesn't throw it's name on anything for a quick buck.
06 Turbo Terri AWD 6 sp in Neo with stuff i didnt even need, side steps,15.2 inch roof mounted DVD,Pioneer $tezza,Selby 30/18mm swaybars,debunged,100 cpsi Ballistic cat,Plazmaman under battery Cai injectors 14/lb boost,ZF tuned,Xtreme's magic. :
svo347 is offline   Reply With Quote Multi-Quote with this Post
Old 22-02-2005, 10:01 AM   #19
RED_EL_XR8
Banned
 
RED_EL_XR8's Avatar
 
Join Date: Dec 2004
Location: Not suffering Fools Gladly!!
Posts: 2,864
Default

Quote:
Originally Posted by svo347
Scratch that... Its back bloody thing.
Look like ill be re formatting h/drive tomorrow.
Bugga.
You need to run something like hijack this or do some registry searches there will be another program or programs that are re-launching the code.

Formatting the Hard disk will fix it but you can get by without this. But odds on if you wont read this message before you have re-formatted. :Up_to_som
RED_EL_XR8 is offline   Reply With Quote Multi-Quote with this Post
Old 22-02-2005, 11:23 AM   #20
svo347
AFF's 1st DM.......
 
svo347's Avatar
 
Join Date: Dec 2004
Location: Wha???... There is only 2 states 2 be in.. WA or Drunk..
Posts: 6,200
Default

Woohooo havent formatted yet..
Will try hijack
Thanx Red.
__________________
FORD GIVING POWER TO THE PEOPLE
Alloy headed 347ci EDXR8
13.21 @107.7mph
Quote:
Originally Posted by zetec
I know what lengths they go to to ensure it's more than just a Ford sticker on the part. Ford doesn't throw it's name on anything for a quick buck.
06 Turbo Terri AWD 6 sp in Neo with stuff i didnt even need, side steps,15.2 inch roof mounted DVD,Pioneer $tezza,Selby 30/18mm swaybars,debunged,100 cpsi Ballistic cat,Plazmaman under battery Cai injectors 14/lb boost,ZF tuned,Xtreme's magic. :
svo347 is offline   Reply With Quote Multi-Quote with this Post
Old 22-02-2005, 11:34 AM   #21
RED_EL_XR8
Banned
 
RED_EL_XR8's Avatar
 
Join Date: Dec 2004
Location: Not suffering Fools Gladly!!
Posts: 2,864
Default

Quote:
Originally Posted by svo347
Woohooo havent formatted yet..
Will try hijack
Thanx Red.
Thats "Hijackthis"
RED_EL_XR8 is offline   Reply With Quote Multi-Quote with this Post
Old 23-02-2005, 01:39 AM   #22
fordel
Tricolore Tard
Contributing Member
 
fordel's Avatar
 
Join Date: Dec 2004
Location: Brisbane
Posts: 1,954
Default

And i really hope that people who are not that familiar with comptuers will pay lots of attention and caution when using this, how many people really know what to keep and what to delete out of their registry

How many people really know what the registry is in the first place.....

Could be a bad issue for non technical users

Chris
__________________
fordel is offline   Reply With Quote Multi-Quote with this Post
Old 23-02-2005, 04:34 AM   #23
Ghiadude
FORMERLY TX3DUDE
 
Ghiadude's Avatar
 
Join Date: Jan 2005
Location: "THE GONG"
Posts: 2,487
Default

dude.a few points that i have noticed...
when manually deleting you must first turn off system restore otherwise itll come back every time.

next the exploit you originally mentioned is in explorer, not firefox.
hope this helps
Ghiadude is offline   Reply With Quote Multi-Quote with this Post
Old 24-02-2005, 08:40 PM   #24
M14A-Mclaren
Foo Fighter
 
M14A-Mclaren's Avatar
 
Join Date: Jan 2005
Location: Wellington, NZ
Posts: 3,740
Default

Firefox 1.0.1 had been released, bounded to have some error fixes in there.

http://www.mozilla.org/products/firefox/

Last edited by M14A-Mclaren; 25-02-2005 at 03:09 PM.
M14A-Mclaren is offline   Reply With Quote Multi-Quote with this Post
Reply


Forum Jump


All times are GMT +11. The time now is 12:26 PM.


Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Other than what is legally copyrighted by the respective owners, this site is copyright www.fordforums.com.au
Positive SSL