Firefox Virus

Questions about other topics - please check if your question fits better in another category before posting here
Forum rules
Before you post please read how to get help
User avatar
Pepi
Level 5
Level 5
Posts: 894
Joined: Wed Nov 18, 2009 7:47 pm

Re: Firefox Virus

Post by Pepi » Wed Jan 30, 2019 9:14 am

Image
Last edited by Moem on Wed Jan 30, 2019 9:18 am, edited 1 time in total.
Reason: Using the [rimg] tags (for remote images) makes your image appear directly inside the post.

mediclaser
Level 4
Level 4
Posts: 375
Joined: Tue Mar 20, 2018 2:28 pm

Re: Firefox Virus

Post by mediclaser » Wed Jan 30, 2019 11:11 am

I would go with the nuclear option --> reinstall Linux Mint! :twisted:
If you're looking for a greener Linux pasture, you won't find any that is greener than Linux Mint. ;)

stormryder
Level 3
Level 3
Posts: 166
Joined: Sun Nov 30, 2014 8:40 am

Re: Firefox Virus

Post by stormryder » Wed Jan 30, 2019 11:38 am

M8WHRR wrote:
Tue Jan 29, 2019 4:48 pm
I tried downloading a couple games the other day
Are they open-source? Did you get them directly from the developers or through a third party dl site? How did you install them? Were you prompted for a password when you did install them?

I'd format the drive and reinstall. No guarantee the infection is limited to your .mozilla folder in my opinion. Even if you didn't install to the system basically anything in your home folder could be compromised.

Is there any reason to take the risk, even if there is only a shadow of doubt, when restoring from your back-ups should be trivial? Follow ptor's good advice until you've got time for it,
Pjotr wrote:
Tue Jan 29, 2019 6:16 pm
I advise to run your Firefox in a sandbox
Lol firejail can't protect the user from their own mistake, but if you do need to get questionable programs from outside the repository better to run the downloaded software in firejail as well.

I run some independent software, although most of it has been in the repo at one time or another, but I always research the software extensively first.

MrGrimm
Level 5
Level 5
Posts: 648
Joined: Sun Nov 11, 2018 9:13 am

Re: Firefox Virus

Post by MrGrimm » Wed Jan 30, 2019 1:20 pm

Pjotr wrote:
Wed Jan 30, 2019 8:26 am
MrGrimm wrote:
Wed Jan 30, 2019 8:19 am
first it's not debunked advice, second it's not bad advice and you know it. you damn well know you only use the nuclear option if there is no other choice.
Deleting the current .mozilla profile isn't the nuclear option. The nuclear option, which would indeed be exaggerated, would be to delete all the contents of the personal user folder. The rest of your message is just, again, repetition of your debunked bad advice....

Peace!
https://www.youtube.com/watch?v=qfTdCYl-c70
again you are completely clueless

User avatar
Schultz
Level 7
Level 7
Posts: 1632
Joined: Thu Feb 25, 2016 8:57 pm

Re: Firefox Virus

Post by Schultz » Wed Jan 30, 2019 2:37 pm

You think creating a new profile is the nuclear option? Are you serious? :? Reinstalling the OS, that's the nuclear option. 8)

patday8472
Level 2
Level 2
Posts: 56
Joined: Mon Dec 24, 2018 2:08 pm

Re: Firefox Virus

Post by patday8472 » Wed Jan 30, 2019 3:16 pm

M8WHRR wrote:
Tue Jan 29, 2019 4:48 pm
Evening. Been using mint for a few years now, great so far. I tried downloading a couple games the other day and ever since I've had q_search jumping in on my Firefox. I search through the address bar, which is set for yahoo and it jumps to an address which is oll3.xyz

I've installed ClamAv and ClamTk, but I have no idea where to start. I've searched usr/bin and usr/bin/Firefox. Any help would be much appreciated.
I am curious which version of Linux Mint are you using? 18.1 18.2 18.3 19.0 19.1 or another version?

I have a theory but I maybe wrong. Yes, the safest way is to re-install or reinstall from a backup not timeshift if you are using that version.

User avatar
MrEen
Level 15
Level 15
Posts: 5529
Joined: Mon Jun 12, 2017 8:39 pm

Re: Firefox Virus

Post by MrEen » Wed Jan 30, 2019 4:07 pm

Hi M8WHRR.

Aren't you glad you asked for help? :wink:

Only you know what you've done up to this point. Firefox obviously has redirect malware installed but is that ALL there is?

Did you use sudo when installing the games you downloaded. If you did, there's no telling what has been installed and where. The Firefox issue might be just the tip of the iceberg.

If you want to absolutely certain your system is clean, then format your drive and reinstall your OS.

Are those saying you don't need the nuclear option going to reimburse you if you wake up one day and your bank account has been wiped clean?

Again, you're in the best position to judge the amount of damage that may have occurred. The risk assessment is yours to make.

I'm truly sorry this happened to you.

User avatar
philotux
Level 5
Level 5
Posts: 833
Joined: Sat Jul 21, 2018 11:14 am
Location: Utopia

Re: Firefox Virus

Post by philotux » Wed Jan 30, 2019 4:12 pm

MrEen wrote:
Wed Jan 30, 2019 4:07 pm
If you want to absolutely certain your system is clean, then format your drive and reinstall your OS.
Plus one!

That's why I asked:
Pjotr wrote:
Wed Jan 30, 2019 7:32 am
philotux wrote:
Wed Jan 30, 2019 7:31 am
Pjotr wrote:
Wed Jan 30, 2019 6:09 am
There's no way of knowing for sure, that a clearly infected .mozilla profile didn't also
... infects other parts of the home directory. Is it safe to assume that the malware stays contained within the .mozilla folder?
No, but that's why I advise to run your web browser in a sandbox:
https://easylinuxtipsproject.blogspot.c ... ndbox.html

User avatar
Pjotr
Level 21
Level 21
Posts: 13747
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Firefox Virus

Post by Pjotr » Wed Jan 30, 2019 4:42 pm

This thread is going from one extreme (doing far too little) to the other extreme (doing far too much). Whereas the latter is not so bad as the former, it's still exaggerated.... :wink:
Tip: 10 things to do after installing Linux Mint 19.2 Tina
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

User avatar
philotux
Level 5
Level 5
Posts: 833
Joined: Sat Jul 21, 2018 11:14 am
Location: Utopia

Re: Firefox Virus

Post by philotux » Wed Jan 30, 2019 4:48 pm

Pjotr wrote:
Wed Jan 30, 2019 4:42 pm
This thread is going from one extreme (doing far too little) to the other extreme (doing far too much). Whereas the latter is not so bad as the former, it's still exaggerated.... :wink:
It's in the nature of "Malwareophobia" to get pandemic.
:lol:

User avatar
MrEen
Level 15
Level 15
Posts: 5529
Joined: Mon Jun 12, 2017 8:39 pm

Re: Firefox Virus

Post by MrEen » Wed Jan 30, 2019 5:24 pm

Pjotr wrote:
Wed Jan 30, 2019 4:42 pm
This thread is going from one extreme (doing far too little) to the other extreme (doing far too much). Whereas the latter is not so bad as the former, it's still exaggerated.... :wink:
Again, we don't know what the OP did. If sudo installthisgreatgame.sh or similar was involved, it may not be too much.

patday8472
Level 2
Level 2
Posts: 56
Joined: Mon Dec 24, 2018 2:08 pm

Re: Firefox Virus

Post by patday8472 » Wed Jan 30, 2019 5:43 pm

Not to nick pick, see when does a game cause malware if is from Ubuntu or Linux Mint PPA or even other there suppose to be checked out. That what linux was designed for to help people not get malware or viruses. Yes, I know it technically possible to get a virus in Linux.

This is just theory so don't jump down on it.

I did a 19.1 Linux mint clean installed without installing gksu. I got a malware virus in Opera. Wikipedia links were changing. It started to re-direct to bad sites. So, I reinstalled from a backup that didn't have 19.1 . So far no issues. Is it possible that 19.1 left a port open that shouldn't be. If the OP doesn't have 19.x then it could be from an update. Just for the record before that happened. I didn't visit bad sites. On the backup, I do it a little more than just formating. That would be to hard to explain in writing. Yes, the 19.1 iso past the sum256 check.


The other posters are correct. Either restore from a backup (not timeshift) or do clean reinstall of Linux Mint.
Last edited by patday8472 on Wed Jan 30, 2019 5:48 pm, edited 1 time in total.

User avatar
Pjotr
Level 21
Level 21
Posts: 13747
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Firefox Virus

Post by Pjotr » Wed Jan 30, 2019 5:46 pm

patday8472 wrote:
Wed Jan 30, 2019 5:43 pm
I got a malware virus in Opera. Wikipedia links were changing. It started to re-direct to bad sites. So, I reinstalled from a backup that didn't have 19.1 .
It would almost certainly have been enough to simply delete the Opera profile in your user account.
Tip: 10 things to do after installing Linux Mint 19.2 Tina
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

User avatar
Pepi
Level 5
Level 5
Posts: 894
Joined: Wed Nov 18, 2009 7:47 pm

Re: Firefox Virus

Post by Pepi » Thu Jan 31, 2019 9:48 am

Pjotr wrote:
Wed Jan 30, 2019 4:42 pm
This thread is going from one extreme (doing far too little) to the other extreme (doing far too much). Whereas the latter is not so bad as the former, it's still exaggerated.... :wink:
Non-productive :mrgreen:

all41
Level 15
Level 15
Posts: 5695
Joined: Tue Dec 31, 2013 9:12 am
Location: Computer, Car, Cage

Re: Firefox Virus

Post by all41 » Thu Jan 31, 2019 11:29 am

The over-the-top, extreme, exaggerated, nuclear, alternative.
destroy hd.jpg
destroy hd.jpg (9.41 KiB) Viewed 278 times
:wink:

patday8472
Level 2
Level 2
Posts: 56
Joined: Mon Dec 24, 2018 2:08 pm

Re: Firefox Virus

Post by patday8472 » Thu Jan 31, 2019 1:58 pm

Pjotr wrote:
Wed Jan 30, 2019 5:46 pm
patday8472 wrote:
Wed Jan 30, 2019 5:43 pm
I got a malware virus in Opera. Wikipedia links were changing. It started to re-direct to bad sites. So, I reinstalled from a backup that didn't have 19.1 .
It would almost certainly have been enough to simply delete the Opera profile in your user account.
This is just my opinion,

Not necessarily. Can you explain why I never got a malware virus until Linux mint 19.1? I have use both Linux Mint and Ubuntu varieties for the last 10 years. I have even use Puppy Linux (Old versions) at one time. Like I said, I didn't visit bad sites. I have used Opera for long time as well. I am posting this post from Opera in Linux Mint Xfce 18.3

I think I found the bug that caused it but I am not sure. This is going to sound strange. I believe the grub files provided with 19.1 and possibly 19.0 caused this issue. I am not going to recreate it, it was a mess getting out of it. I believe the bad kernel is a separate issue. Thanks to ironically Linux mint install usb boot disk, gparted and MiniTool Partition wizard. I was able to get out of this mess and restore my computer to a time that didn't have 19.1 If it is a different software update, 18.3 will be affected. So far it hasn't happened.

Post Reply

Return to “Other topics”