310767 - Norton Virus report a certain virus detection when visit a certain website

Status: RESOLVED INVALID

(Firefox :: Security, defect)

Description

[pengsini]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7

in this website http://library.muzi.com/au/chinese/103858.shtml
when you click the links, a lot of popup windows appear, and 
Norton report following:
Source: C:\Documents and Settings\eric\Application
Data\Mozilla\Firefox\Profiles\qdvd8afu.default\Cache\_CACHE_002_ 
Click for more information about this threat : MHTMLRedir.Exploit

Reproducible: Couldn't Reproduce

Steps to Reproduce:
1.go to http://library.muzi.com/au/chinese/103858.shtml
2. click links there
3.

Actual Results:  
a lot of pop up windows appear
norton report: Source: C:\Documents and Settings\eric\Application
Data\Mozilla\Firefox\Profiles\qdvd8afu.default\Cache\_CACHE_002_ 
Click for more information about this threat : MHTMLRedir.Exploit

Expected Results:  
it should not infect the system with the virus

Comment 1

[Daniel Veditz [:dveditz] out until Nov 10]

Files in the "cache" directory are simply copies of web content, downloaded as
part of normal web browsing. When a virus checker notices malware in the cache
that means only that the web site had it, not that you are infected. Check the
"more information" link about the particular malware to see if you are
vulnerable and what steps to take. Typically if you were infected in fact you
would expect to see the infection detected in your windows directory, or some
other non-cache place.

MHTMLRedir.Exploit in particular only infects Internet Explorer, you don't need
to worry.