MozillaZine

Virus from FireFox?

User Help for Mozilla Firefox
PunkPredator

User avatar
 
Posts: 4
Joined: November 5th, 2012, 11:01 pm
Location: Daytona Beach FL

Post Posted November 5th, 2012, 11:22 pm

(not sure if I posted this in the right place...)
I'm not sure if it actually is, or what It could have came from but, I just found a virus on my computer that came from FireFox.
Image
I didn't go to any website that might have gave me the virus. However, It is possible that I got this virus from a different Wifi I was connected to for the past few days. Over the weekend, I was in the Hospital with my family and I was using my laptop to update my sisters friends on the birth of her baby. I was connected to the Hospitals Wifi for a while and it was running a lot slower. Also, Every other time I have connected to that Hospital's Wifi I would end up getting some type of virus. The first time it was a bunch of different Trojans, a Keylogger and a virus scan program that I've never seen before. The viruses blamed a program I had on my computer for the virus when I know that couldn't have done it. Also, about a week ago after getting out of the Hospital again, I ran another scan and it picked up a "Trojan horse Generic30.MFJ" that supposedly came from a game called WolfTeam that I have had on this computer for some time now and I haven't even used it within the time the threat was detected. I posted on WolfTeam's forums about it and they said it is possible that the virus blamed WolfTeam. And now, I ran another scan after leaving the Hospital and it picked up "Virus found Script Generic" in C:\Users\Wulffi\AppData\Local\Mozzila\Firefox\Profiles\18dbvggk.default\Cache\4\EA\68654d01
So, I am not sure if this in fact did come from FireFox or some site I visited on FireFox or if I got it from a different Wifi. All I know is, I want to know what it is so I can stop it from happening. My laptop's performance has gotten a lot worse over the past few days as well.

James
Moderator

User avatar
 
Posts: 25579
Joined: June 18th, 2003, 3:07 pm
Location: Made in Canada

Post Posted November 5th, 2012, 11:40 pm

No it most certainly did not come from any Firefox browser install or update from Mozilla.org

You stated it was located in the Cache so therefore it is harmless there unless you do something like try to run it yourself. It will get overridden by images and other things as Cache gets used up or you can clear the Cache yourself in Firefox either by Tools->Clear Recent History or by Firefox Button (or Tools) ->Options->Advanced->Network->Cached web content [Clear Now]

Your Virus scanner was making you think it was a big deal when it is not.

The Profiles folder is where your settings for Bookmarks, cookies, passwords and such are located as they are not in Program folder as that one is just a Profile template.
http://kb.mozillazine.org/Profile_folder_-_Firefox#Windows

For the website you could use say this to see whether site is infected. Change the http://www.urlofsite.com to the website
http://www.google.com/safebrowsing/diagnostic?site=www.urlofsite.com
(*.mozillaZine.org is not Mozilla!)
The Complaint Department at Mozilla (current complaints) (<It is not a real complaint site but for jokes/testing of bugzilla).
The Complaint department link is borked until unknown time.

LoudNoise
Moderator

User avatar
 
Posts: 38855
Joined: October 18th, 2007, 1:45 pm
Location: Next door to the west

Post Posted November 5th, 2012, 11:54 pm

Since it is AVG there is a better chance it is nothing more then false positive.
Post wrangler
"If you lock this, the Pentium IIs win." - anonymous

PunkPredator

User avatar
 
Posts: 4
Joined: November 5th, 2012, 11:01 pm
Location: Daytona Beach FL

Post Posted November 6th, 2012, 12:07 am

James wrote:No it most certainly did not come from any Firefox browser install or update from Mozilla.org

You stated it was located in the Cache so therefore it is harmless there unless you do something like try to run it yourself. It will get overridden by images and other things as Cache gets used up or you can clear the Cache yourself in Firefox either by Tools->Clear Recent History or by Firefox Button (or Tools) ->Options->Advanced->Network->Cached web content [Clear Now]

Your Virus scanner was making you think it was a big deal when it is not.

The Profiles folder is where your settings for Bookmarks, cookies, passwords and such are located as they are not in Program folder as that one is just a Profile template.
http://kb.mozillazine.org/Profile_folder_-_Firefox#Windows

For the website you could use say this to see whether site is infected. Change the http://www.urlofsite.com to the website
http://www.google.com/safebrowsing/diagnostic?site=www.urlofsite.com

Ok, I just cleared out everything and now it seems to be running better. I wasn't sure if it was something to be really concerned about, I don't want to get another huge virus like the last one. As for knowing if a site is dangerous, I do have the AVG toolbar which tells me if the site is safe or not. As far as I know it works perfectly fine.

LoudNoise wrote:Since it is AVG there is a better chance it is nothing more then false positive.

AVG does things like this all the time?

-----
Anyway, Thanks for the help!

malliz
Folder@Home

User avatar
 
Posts: 41891
Joined: December 7th, 2002, 4:34 am
Location: Aus

Post Posted November 6th, 2012, 12:10 am

PunkPredator wrote:
LoudNoise wrote:Since it is AVG there is a better chance it is nothing more then false positive.

AVG does things like this all the time?

It certainly has that reputation
What sort of man would put a known criminal in charge of a major branch of government? Apart from, say, the average voter.
"Terry Pratchett"

PunkPredator

User avatar
 
Posts: 4
Joined: November 5th, 2012, 11:01 pm
Location: Daytona Beach FL

Post Posted November 6th, 2012, 12:11 am

malliz wrote:
PunkPredator wrote:
LoudNoise wrote:Since it is AVG there is a better chance it is nothing more then false positive.

AVG does things like this all the time?

It certainly has that reputation

Wow, I never knew that.

MarkRH

User avatar
 
Posts: 728
Joined: September 12th, 2007, 2:30 am
Location: Oklahoma City, OK

Post Posted November 6th, 2012, 1:21 am

Kinda makes one wonder what's floating around on the hospital's computer systems. One would hope they don't attach to this open WiFi.

chrissyT
 
Posts: 1
Joined: November 6th, 2012, 6:32 am

Post Posted November 6th, 2012, 6:42 am

I too have got a message three days ago Trojan horse generic30.OVT it was found in C:Windows\System32\hkcmd.exe(3864).It has scanned everyday & caught it every day but not removed it.It's reapplying itself.I have Avg safe search Motzilla firefox too how can I get rid of this?

PunkPredator

User avatar
 
Posts: 4
Joined: November 5th, 2012, 11:01 pm
Location: Daytona Beach FL

Post Posted November 6th, 2012, 8:32 am

MarkRH wrote:Kinda makes one wonder what's floating around on the hospital's computer systems. One would hope they don't attach to this open WiFi.

Yeah I know. I'm always afraid of connecting to it since one of the times I almost lost my whole computer due to a virus I got right after connecting to that WiFi.

chrissyT wrote:I too have got a message three days ago Trojan horse generic30.OVT it was found in C:Windows\System32\hkcmd.exe(3864).It has scanned everyday & caught it every day but not removed it.It's reapplying itself.I have Avg safe search Motzilla firefox too how can I get rid of this?

I'm not completely sure myself. Every time AVG caught a virus it has removed it. However, when I got that really bad virus it had quite a few different Trojans and a Keylogger on it. AVG tried to remove them but they kept coming back. My mom had to keep going into the registry to try and remove it but that didn't work either. We ended up having to change the computer's date about a week or two ahead of time and that actually worked.

Is it just that Trojan or is there anything else popping up or going on?

DanRaisch
Moderator

User avatar
 
Posts: 107318
Joined: September 23rd, 2004, 8:57 pm
Location: Somewhere on the East Coast

Post Posted November 6th, 2012, 9:00 am

Install and run these programs, consecutively, not simultaneously.
http://www.malwarebytes.org/mbam.php
http://www.superantispyware.com/
http://www.safer-networking.org/en/index.html

If these don't find it or can't clear it, post in one of these forums for specialized malware removal help:
http://www.spywarewarrior.com/index.php
http://bleepingcomputer.com/
http://www.spywareinfoforum.com/
http://aumha.net/viewforum.php?f=30

dfoulkes

User avatar
 
Posts: 18611
Joined: June 28th, 2008, 10:31 pm
Location: Mesquite, Nevada

Post Posted November 6th, 2012, 9:01 am

Download and install Malwarebytes... it's free and can be started up while your other AV software is running... run its scan to see what you get...

Malwarebytes' Anti-Malware

BTW... you might want to review Avast...
http://www.avast.com/index
As you can see she's (The CAT) always alert and on the prowl for Meoware !!

Milleniumbar
 
Posts: 5
Joined: November 4th, 2012, 3:18 pm

Post Posted November 8th, 2012, 1:22 am

DanRaisch wrote:Install and run these programs, consecutively, not simultaneously.
http://www.malwarebytes.org/mbam.php
http://www.superantispyware.com/
http://www.safer-networking.org/en/index.html

If these don't find it or can't clear it, post in one of these forums for specialized malware removal help:
http://www.spywarewarrior.com/index.php
http://bleepingcomputer.com/
http://www.spywareinfoforum.com/
http://aumha.net/viewforum.php?f=30


Malwarebytes is a specialty eradicator, finding what other companies miss, so should not be your only malware scanner. WinMHR is great for locating non-rootkit known hashes of infectors. WinMHR supplies hashes to all of the AV vendors, so their database is fairly large when compared to an individual AV.
Viper is pretty decent with their daily/weekly free scanner.

Return to Firefox Support


Who is online

Users browsing this forum: aloisio, Google [Bot] and 22 guests