Is "http://request.saferbrowsingcache.com/users/7a8cc2d9-ba60-4d7a-b829-a0bd8bb413ae/extensions" a genuine Firefox product?
I get an Avast page blocked threat warning for the above site every time I start Firefox. I believe Google have a similar site/product, but the address doesn't read the same. It does not appear under add-ons or extensions, but the warning always comes up. Can anyone help, and with how to deal with this if necessary?
Thanks.
Krejt Përgjigjet (4)
hi Testerchild, no this will be no legitimate site but is a symptom of malicious software that's active on your device. in order to give you more targeted advice, could you go to the firefox menu ≡ > help ? > troubleshooting information, copy the contents of that page and paste them here into a reply on the forum? thank you
Ndryshuar
Hi Philipp,
Here is what you asked for:
TROUBLE SHOOTING INFORMATION Application Basics
Name: Firefox Version: 40.0.3 Build ID: 20150826023504 Update Channel: release User Agent: Mozilla/5.0 (Windows NT 6.1; rv:40.0) Gecko/20100101 Firefox/40.0 Multiprocess Windows: 0/1 (default: false)
Crash Reports for the Last 3 Days
All Crash Reports
Extensions
Name: 1-Click YouTube Video Downloader Version: 2.4.0.1-signed Enabled: true ID: YoutubeDownloader@PeterOlayev.com
Name: Add Google Search To New Tab Page Version: 1.0.2.1-signed Enabled: true ID: newtabgoogle@graememcc.co.uk
Name: The Addon Bar (restored) Version: 3.2.1-signed Enabled: true ID: the-addon-bar@GeekInTraining-GiT
Name: Video DownloadHelper Version: 5.4.1 Enabled: true ID: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}
Name: YouTube Video and Audio Downloader Version: 0.4.5 Enabled: true ID: feca4b87-3be4-43da-a1b1-137c24220968@jetpack
Name: ZIP Player Version: 0.13 Enabled: true ID: {4299a7e8-6312-43f7-9643-fb2a2e4fa53b}
Name: Adblock Compiler Version: 1.2.10 Enabled: false ID: {0fb8338a-993f-4b0e-a012-8138e0debeae}
Name: Adblock Plus Version: 2.6.11 Enabled: false ID: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Name: Avast Online Security Version: 10.2.0.187 Enabled: false ID: wrc@avast.com
Name: Classic Toolbar Buttons Version: 1.4.9.2 Enabled: false ID: CSTBB@NArisT2_Noia4dev
Name: YouTube Unblocker Version: 0.6.17 Enabled: false ID: youtubeunblocker@unblocker.yt
Graphics
Adapter Description: Mobile Intel(R) 965 Express Chipset Family Adapter Drivers: igdumdx32 igd10umd32 Adapter RAM: Unknown Asynchronous Pan/Zoom: none Device ID: 0x2a02 Direct2D Enabled: Blocked for your graphics driver version. DirectWrite Enabled: false (6.2.9200.17461) Driver Date: 9-23-2009 Driver Version: 8.15.10.1930 GPU #2 Active: false GPU Accelerated Windows: 0/1 Basic (OMTC) Blocked for your graphics driver version. Subsys ID: 30be103c Supports Hardware H264 Decoding: false Vendor ID: 0x8086 WebGL Renderer: Blocked for your graphics driver version. windowLayerManagerRemote: true AzureCanvasBackend: skia AzureContentBackend: cairo AzureFallbackCanvasBackend: cairo AzureSkiaAccelerated: 0
Important Modified Preferences
accessibility.typeaheadfind.flashBar: 0 browser.cache.disk.capacity: 358400 browser.cache.disk.filesystem_reported: 1 browser.cache.disk.smart_size.first_run: false browser.cache.disk.smart_size.use_old_max: false browser.cache.frecency_experiment: 2 browser.download.importedFromSqlite: true browser.places.smartBookmarksVersion: 7 browser.privatebrowsing.autostart: true browser.search.useDBForOrder: true browser.sessionstore.upgradeBackup.latestBuildID: 20150513174244 browser.startup.homepage_override.buildID: 20150826023504 browser.startup.homepage_override.mstone: 40.0.3 browser.urlbar.autocomplete.enabled: false browser.urlbar.suggest.bookmark: false browser.urlbar.suggest.history: false browser.urlbar.suggest.openpage: false dom.apps.reset-permissions: true dom.mozApps.used: true extensions.lastAppVersion: 40.0.3 font.internaluseonly.changed: true gfx.blacklist.direct2d: 3 media.gmp-eme-adobe.lastUpdate: 1437828203 media.gmp-eme-adobe.version: 12 media.gmp-gmpopenh264.lastUpdate: 1431801923 media.gmp-gmpopenh264.version: 1.4 media.gmp-manager.buildID: 20150826023504 media.gmp-manager.lastCheck: 1441796846 network.auth.allow-subresource-auth: 2 network.cookie.prefsMigrated: true network.predictor.cleaned-up: true places.database.lastMaintenance: 1443304950 places.history.expiration.transient_current_max_pages: 26616 plugin.disable_full_page_plugin_for_types: application/pdf plugin.importedState: true print.printer_PrimoPDF.print_bgcolor: false print.printer_PrimoPDF.print_bgimages: false print.printer_PrimoPDF.print_colorspace: print.printer_PrimoPDF.print_command: print.printer_PrimoPDF.print_downloadfonts: false print.printer_PrimoPDF.print_duplex: 1515870810 print.printer_PrimoPDF.print_edge_bottom: 0 print.printer_PrimoPDF.print_edge_left: 0 print.printer_PrimoPDF.print_edge_right: 0 print.printer_PrimoPDF.print_edge_top: 0 print.printer_PrimoPDF.print_evenpages: true print.printer_PrimoPDF.print_footercenter: print.printer_PrimoPDF.print_footerleft: &PT print.printer_PrimoPDF.print_footerright: &D print.printer_PrimoPDF.print_headercenter: print.printer_PrimoPDF.print_headerleft: &T print.printer_PrimoPDF.print_headerright: &U print.printer_PrimoPDF.print_in_color: true print.printer_PrimoPDF.print_margin_bottom: 0.5 print.printer_PrimoPDF.print_margin_left: 0.5 print.printer_PrimoPDF.print_margin_right: 0.5 print.printer_PrimoPDF.print_margin_top: 0.5 print.printer_PrimoPDF.print_oddpages: true print.printer_PrimoPDF.print_orientation: 0 print.printer_PrimoPDF.print_page_delay: 50 print.printer_PrimoPDF.print_paper_data: 9 print.printer_PrimoPDF.print_paper_height: 11.00 print.printer_PrimoPDF.print_paper_name: print.printer_PrimoPDF.print_paper_size_type: 0 print.printer_PrimoPDF.print_paper_size_unit: 1 print.printer_PrimoPDF.print_paper_width: 8.50 print.printer_PrimoPDF.print_plex_name: print.printer_PrimoPDF.print_resolution: 1515870810 print.printer_PrimoPDF.print_resolution_name: print.printer_PrimoPDF.print_reversed: false print.printer_PrimoPDF.print_scaling: 1.00 print.printer_PrimoPDF.print_shrink_to_fit: true print.printer_PrimoPDF.print_to_file: false print.printer_PrimoPDF.print_unwriteable_margin_bottom: 0 print.printer_PrimoPDF.print_unwriteable_margin_left: 0 print.printer_PrimoPDF.print_unwriteable_margin_right: 0 print.printer_PrimoPDF.print_unwriteable_margin_top: 0 privacy.sanitize.migrateFx3Prefs: true privacy.sanitize.timeSpan: 0 storage.vacuum.last.index: 1 storage.vacuum.last.places.sqlite: 1442348941
Important Locked Preferences
JavaScript
Incremental GC: true
Accessibility
Activated: false Prevent Accessibility: 0
Library Versions
NSPR Expected minimum version: 4.10.8 Version in use: 4.10.8
NSS Expected minimum version: 3.19.2 Basic ECC Version in use: 3.19.2 Basic ECC
NSSSMIME Expected minimum version: 3.19.2 Basic ECC Version in use: 3.19.2 Basic ECC
NSSSSL Expected minimum version: 3.19.2 Basic ECC Version in use: 3.19.2 Basic ECC
NSSUTIL Expected minimum version: 3.19.2 Version in use: 3.19.2
Experimental Features
I will be out for approximately the next two hours, thanks for looking into this.
Bob
thanks bob, please start firefox into safemode once through the firefox menu ≡ > help ? > restart with addons disabled... and then go to the addons manager > extensions and remove the following entries as they will be malicious:
Name: ZIP Player
Version: 0.13
Enabled: true
ID: {4299a7e8-6312-43f7-9643-fb2a2e4fa53b}
Name: Adblock Compiler
Version: 1.2.10
Enabled: false
ID: {0fb8338a-993f-4b0e-a012-8138e0debeae}
in addition, please run a full scan of your system with different security tools like the free version of malwarebytes and adwcleaner to make sure that adware isn't present in other places of your system as well.
Preety much any officiall Mozilla product or project will be at a mozilla.org url or connected with them