X
Tap here to go to the mobile version of the site.

Support Forum

When Mozilla opens it tries to open a site which Mozilla regards as suspicious - see http://www.domain=http:%2F%2Fstatic.austral

Posted

Sometimes (not always) when I turn on my computer it opens Firefox without being asked, and attempts to open a site which Site Advisor regards as suspicious and blocks. Suspicious site address is contained within the Site Advisor warning address as below:: http://www.siteadvisor.com/restricted.html?domain=http:%2F%2Fstatic.australianbrewingcompany.com%2Fng%2F%3Fz=1%26ilmernzkvtaztus=D43D7EA9024755BC%26pu=%26s=D-firefox%26nm=ilmernzkvtaztus%26t=&originalURL=-1492158024&pip=false&premium=false&client_uid=1978693972&client_ver=3.6.3.549&client_type=IEPlugin&suite=true&aff_id=691&locale=en_gb&ui=1&os_ver=6.1.1.0

I have searched for and removed cookies containing refs to 'australianbrewingcompany' but it returns. I think that the first time this happened was after in course of a Google search I was directed to a web page which looked like a genuine Microsoft Windows page offering driver updates. Something - I cannot remember what! - about the site address made me think it was not a genuine Microsoft site, and I closed it without further action, and the australianbrewing site immediately appeared. It continues to do so. Any ideas on how to scrub it once and for all? Thanks!

Sometimes (not always) when I turn on my computer it opens Firefox without being asked, and attempts to open a site which Site Advisor regards as suspicious and blocks. Suspicious site address is contained within the Site Advisor warning address as below:: http://www.siteadvisor.com/restricted.html?domain=http:%2F%2Fstatic.australianbrewingcompany.com%2Fng%2F%3Fz=1%26ilmernzkvtaztus=D43D7EA9024755BC%26pu=%26s=D-firefox%26nm=ilmernzkvtaztus%26t=&originalURL=-1492158024&pip=false&premium=false&client_uid=1978693972&client_ver=3.6.3.549&client_type=IEPlugin&suite=true&aff_id=691&locale=en_gb&ui=1&os_ver=6.1.1.0 I have searched for and removed cookies containing refs to 'australianbrewingcompany' but it returns. I think that the first time this happened was after in course of a Google search I was directed to a web page which looked like a genuine Microsoft Windows page offering driver updates. Something - I cannot remember what! - about the site address made me think it was not a genuine Microsoft site, and I closed it without further action, and the australianbrewing site immediately appeared. It continues to do so. Any ideas on how to scrub it once and for all? Thanks!

Chosen solution

rmcguigan - further report as promised. After running a full scan with McAfee (nothing found) I tried the Microsoft Safety Scanner - same nil result. But then I tried the MalwareBytes item, and it immediately hit soeme 30 suspect items, many of them with filenames which included refs to 'buzzsearch'. I cd find no connection to any items that I had deliberately installed (the pc is new). So I allowed MalwareBytes to quarantine the lot, and so far - after some considerable further use - the Aus Brewing Co have not reappeared. So many thanks for your help, and I shall now mark it as 'problem solved'. Thanks again.

Read this answer in context 1

Additional System Details

Installed Plug-ins

  • Google Update
  • Shockwave Flash 11.9 r900
  • GEPlugin
  • SiteAdvisor
  • McAfee MSC FF plugin DLL
  • 5.1.20913.0
  • Adobe PDF Plug-In For Firefox and Netscape 10.1.8
  • BT DesktopHelp plug-in for Mozilla Browsers
  • BT Management plug-in for Mozilla Browsers
  • NPWLPG
  • Intel web components for Intel® Identity Protection Technology
  • Intel web components updater - Installs and updates the Intel web components

Application

  • Firefox 25.0.1
  • User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0
  • Support URL: https://support.mozilla.org/1/firefox/25.0.1/WINNT/en-GB/

Extensions

  • Autofill Forms 0.9.9.0 (autofillForms@blueimp.net)
  • McAfee SiteAdvisor 3.6.3 ({4ED1F68A-5463-4931-9384-8FFF5ED91D92})
  • Troubleshooter 1.1a (troubleshooter@mozilla.org)

Javascript

  • incrementalGCEnabled: True

Graphics

  • adapterDescription: Intel(R) HD Graphics
  • adapterDescription2:
  • adapterDeviceID: 0x0152
  • adapterDeviceID2:
  • adapterDrivers: igdumd64 igd10umd64 igd10umd64 igdumd32 igd10umd32 igd10umd32
  • adapterDrivers2:
  • adapterRAM: Unknown
  • adapterRAM2:
  • adapterVendorID: 0x8086
  • adapterVendorID2:
  • direct2DEnabled: True
  • directWriteEnabled: True
  • directWriteVersion: 6.2.9200.16492
  • driverDate: 3-19-2012
  • driverDate2:
  • driverVersion: 8.15.10.2696
  • driverVersion2:
  • info: {u'AzureCanvasBackend': u'direct2d', u'AzureFallbackCanvasBackend': u'cairo', u'AzureContentBackend': u'direct2d', u'AzureSkiaAccelerated': 0}
  • isGPU2Active: False
  • numAcceleratedWindows: 2
  • numTotalWindows: 2
  • webglRenderer: Google Inc. -- ANGLE (Intel(R) HD Graphics Direct3D9Ex vs_3_0 ps_3_0)
  • windowLayerManagerRemote: False
  • windowLayerManagerType: Direct3D 10

Modified Preferences

  • accessibility.typeaheadfind.flashBar: 0
  • browser.cache.disk.capacity: 358400
  • browser.cache.disk.smart_size.first_run: False
  • browser.cache.disk.smart_size.use_old_max: False
  • browser.cache.disk.smart_size_cached_value: 358400
  • browser.places.smartBookmarksVersion: 4
  • browser.sessionstore.upgradeBackup.latestBuildID: 20131112160018
  • browser.startup.homepage: http://uk-mg-bt.mail.yahoo.com/neo/launch?.partner=bt-1&.rand=0nheoask0f7jj
  • browser.startup.homepage_override.buildID: 20131112160018
  • browser.startup.homepage_override.mstone: 25.0.1
  • dom.mozApps.used: True
  • extensions.lastAppVersion: 25.0.1
  • font.internaluseonly.changed: False
  • gfx.direct3d.last_used_feature_level_idx: 0
  • network.cookie.cookieBehavior: 3
  • network.cookie.lifetimePolicy: 1
  • network.cookie.prefsMigrated: True
  • places.database.lastMaintenance: 1386838218
  • places.history.expiration.transient_current_max_pages: 102703
  • plugin.disable_full_page_plugin_for_types: application/pdf
  • plugin.importedState: True
  • plugin.state.npezffpi: 0
  • plugin.state.npmotive: 1
  • plugin.state.npnitromozilla: 0
  • privacy.sanitize.migrateFx3Prefs: True
  • security.mixed_content.block_active_content: False
  • storage.vacuum.last.index: 1
  • storage.vacuum.last.places.sqlite: 1386419856

Misc

  • User JS: No
  • Accessibility: No
guigs 1072 solutions 11697 answers
  1. The Anti-Virus on the computer may have settings to fire this warning, check the settings and remove any references to the page, then re-add
  2. You can try these free programs to scan for malware, which work with your existing antivirus software:

Microsoft Security Essentials is a good permanent antivirus for Windows 7/Vista/XP if you don't already have one.

Further information can be found in the Troubleshoot Firefox issues caused by malware article.

Did this fix your problems? Please report back to us!

# The Anti-Virus on the computer may have settings to fire this warning, check the settings and remove any references to the page, then re-add # You can try these free programs to scan for malware, which work with your existing antivirus software: * [http://www.microsoft.com/security/scanner/default.aspx Microsoft Safety Scanner] * [http://www.malwarebytes.org/products/malwarebytes_free/ MalwareBytes' Anti-Malware] * [http://support.kaspersky.com/faq/?qid=208283363 TDSSKiller - AntiRootkit Utility] * [http://www.surfright.nl/en/hitmanpro/ Hitman Pro] * [http://www.eset.com/us/online-scanner/ ESET Online Scanner] [http://windows.microsoft.com/MSE Microsoft Security Essentials] is a good permanent antivirus for Windows 7/Vista/XP if you don't already have one. Further information can be found in the [[Troubleshoot Firefox issues caused by malware]] article. Did this fix your problems? Please report back to us!

Question owner

rmcguigan - many thanks for your advice - I'm v grateful. I shd have said that I have McAfee installed and fully up to date - Site Advisor is part of that package. Since posting my query there have been several further appearances by the Aus Brewing Co, now in a different form warning of other problems on my pc (no doubt spurious!) and inviting me to click on links. McAfee Site Advisor seems to be catching them and redirecting me to a window of their own, and warning me not to go back to the suspect address unless I really want to. What I cannot understand is how this site is able to activate Firefox remotely without my starting it, and that it can then direct me to the suspect site. Presumably that mechanism might be an item of malware which your suggestions might tackle. I shall now try one or more of them and will report success or failure! I may leave it several days, prob after Christmas, after running your suggestions before reporting back, to see whether it has worked - the Aus Brewing Co does not seem to visit me every day! Happy Christmas, and thanks again --royalastair

rmcguigan - many thanks for your advice - I'm v grateful. I shd have said that I have McAfee installed and fully up to date - Site Advisor is part of that package. Since posting my query there have been several further appearances by the Aus Brewing Co, now in a different form warning of other problems on my pc (no doubt spurious!) and inviting me to click on links. McAfee Site Advisor seems to be catching them and redirecting me to a window of their own, and warning me not to go back to the suspect address unless I really want to. What I cannot understand is how this site is able to activate Firefox remotely without my starting it, and that it can then direct me to the suspect site. Presumably that mechanism might be an item of malware which your suggestions might tackle. I shall now try one or more of them and will report success or failure! I may leave it several days, prob after Christmas, after running your suggestions before reporting back, to see whether it has worked - the Aus Brewing Co does not seem to visit me every day! Happy Christmas, and thanks again --royalastair

Chosen Solution

rmcguigan - further report as promised. After running a full scan with McAfee (nothing found) I tried the Microsoft Safety Scanner - same nil result. But then I tried the MalwareBytes item, and it immediately hit soeme 30 suspect items, many of them with filenames which included refs to 'buzzsearch'. I cd find no connection to any items that I had deliberately installed (the pc is new). So I allowed MalwareBytes to quarantine the lot, and so far - after some considerable further use - the Aus Brewing Co have not reappeared. So many thanks for your help, and I shall now mark it as 'problem solved'. Thanks again.

rmcguigan - further report as promised. After running a full scan with McAfee (nothing found) I tried the Microsoft Safety Scanner - same nil result. But then I tried the MalwareBytes item, and it immediately hit soeme 30 suspect items, many of them with filenames which included refs to 'buzzsearch'. I cd find no connection to any items that I had deliberately installed (the pc is new). So I allowed MalwareBytes to quarantine the lot, and so far - after some considerable further use - the Aus Brewing Co have not reappeared. So many thanks for your help, and I shall now mark it as 'problem solved'. Thanks again.