Firefox Virus

Questions about other topics - please check if your question fits better in another category before posting here
Forum rules
Before you post please read how to get help
User avatar
Pepi
Level 6
Level 6
Posts: 1030
Joined: Wed Nov 18, 2009 7:47 pm

Re: Firefox Virus

Post by Pepi »

Image
Last edited by Moem on Wed Jan 30, 2019 9:18 am, edited 1 time in total.
Reason: Using the [rimg] tags (for remote images) makes your image appear directly inside the post.
mediclaser
Level 4
Level 4
Posts: 402
Joined: Tue Mar 20, 2018 2:28 pm

Re: Firefox Virus

Post by mediclaser »

I would go with the nuclear option --> reinstall Linux Mint! :twisted:
If you're looking for a greener Linux pasture, you won't find any that is greener than Linux Mint. ;)
stormryder
Level 3
Level 3
Posts: 185
Joined: Sun Nov 30, 2014 8:40 am

Re: Firefox Virus

Post by stormryder »

M8WHRR wrote:
Tue Jan 29, 2019 4:48 pm
I tried downloading a couple games the other day
Are they open-source? Did you get them directly from the developers or through a third party dl site? How did you install them? Were you prompted for a password when you did install them?

I'd format the drive and reinstall. No guarantee the infection is limited to your .mozilla folder in my opinion. Even if you didn't install to the system basically anything in your home folder could be compromised.

Is there any reason to take the risk, even if there is only a shadow of doubt, when restoring from your back-ups should be trivial? Follow ptor's good advice until you've got time for it,
Pjotr wrote:
Tue Jan 29, 2019 6:16 pm
I advise to run your Firefox in a sandbox
Lol firejail can't protect the user from their own mistake, but if you do need to get questionable programs from outside the repository better to run the downloaded software in firejail as well.

I run some independent software, although most of it has been in the repo at one time or another, but I always research the software extensively first.
MrGrimm

Re: Firefox Virus

Post by MrGrimm »

Pjotr wrote:
Wed Jan 30, 2019 8:26 am
MrGrimm wrote:
Wed Jan 30, 2019 8:19 am
first it's not debunked advice, second it's not bad advice and you know it. you damn well know you only use the nuclear option if there is no other choice.
Deleting the current .mozilla profile isn't the nuclear option. The nuclear option, which would indeed be exaggerated, would be to delete all the contents of the personal user folder. The rest of your message is just, again, repetition of your debunked bad advice....

Peace!
https://www.youtube.com/watch?v=qfTdCYl-c70
again you are completely clueless
User avatar
Schultz
Level 8
Level 8
Posts: 2073
Joined: Thu Feb 25, 2016 8:57 pm

Re: Firefox Virus

Post by Schultz »

You think creating a new profile is the nuclear option? Are you serious? :? Reinstalling the OS, that's the nuclear option. 8)
patday8472
Level 2
Level 2
Posts: 56
Joined: Mon Dec 24, 2018 2:08 pm

Re: Firefox Virus

Post by patday8472 »

M8WHRR wrote:
Tue Jan 29, 2019 4:48 pm
Evening. Been using mint for a few years now, great so far. I tried downloading a couple games the other day and ever since I've had q_search jumping in on my Firefox. I search through the address bar, which is set for yahoo and it jumps to an address which is oll3.xyz

I've installed ClamAv and ClamTk, but I have no idea where to start. I've searched usr/bin and usr/bin/Firefox. Any help would be much appreciated.
I am curious which version of Linux Mint are you using? 18.1 18.2 18.3 19.0 19.1 or another version?

I have a theory but I maybe wrong. Yes, the safest way is to re-install or reinstall from a backup not timeshift if you are using that version.
User avatar
MrEen
Level 22
Level 22
Posts: 15169
Joined: Mon Jun 12, 2017 8:39 pm

Re: Firefox Virus

Post by MrEen »

Hi M8WHRR.

Aren't you glad you asked for help? :wink:

Only you know what you've done up to this point. Firefox obviously has redirect malware installed but is that ALL there is?

Did you use sudo when installing the games you downloaded. If you did, there's no telling what has been installed and where. The Firefox issue might be just the tip of the iceberg.

If you want to absolutely certain your system is clean, then format your drive and reinstall your OS.

Are those saying you don't need the nuclear option going to reimburse you if you wake up one day and your bank account has been wiped clean?

Again, you're in the best position to judge the amount of damage that may have occurred. The risk assessment is yours to make.

I'm truly sorry this happened to you.
User avatar
philotux
Level 5
Level 5
Posts: 832
Joined: Sat Jul 21, 2018 11:14 am
Location: Utopia

Re: Firefox Virus

Post by philotux »

MrEen wrote:
Wed Jan 30, 2019 4:07 pm
If you want to absolutely certain your system is clean, then format your drive and reinstall your OS.
Plus one!

That's why I asked:
Pjotr wrote:
Wed Jan 30, 2019 7:32 am
philotux wrote:
Wed Jan 30, 2019 7:31 am
Pjotr wrote:
Wed Jan 30, 2019 6:09 am
There's no way of knowing for sure, that a clearly infected .mozilla profile didn't also
... infects other parts of the home directory. Is it safe to assume that the malware stays contained within the .mozilla folder?
No, but that's why I advise to run your web browser in a sandbox:
https://easylinuxtipsproject.blogspot.c ... ndbox.html
User avatar
Pjotr
Level 22
Level 22
Posts: 15912
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Firefox Virus

Post by Pjotr »

This thread is going from one extreme (doing far too little) to the other extreme (doing far too much). Whereas the latter is not so bad as the former, it's still exaggerated.... :wink:
Tip: 10 things to do after installing Linux Mint 20 Ulyana
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
User avatar
philotux
Level 5
Level 5
Posts: 832
Joined: Sat Jul 21, 2018 11:14 am
Location: Utopia

Re: Firefox Virus

Post by philotux »

Pjotr wrote:
Wed Jan 30, 2019 4:42 pm
This thread is going from one extreme (doing far too little) to the other extreme (doing far too much). Whereas the latter is not so bad as the former, it's still exaggerated.... :wink:
It's in the nature of "Malwareophobia" to get pandemic.
:lol:
User avatar
MrEen
Level 22
Level 22
Posts: 15169
Joined: Mon Jun 12, 2017 8:39 pm

Re: Firefox Virus

Post by MrEen »

Pjotr wrote:
Wed Jan 30, 2019 4:42 pm
This thread is going from one extreme (doing far too little) to the other extreme (doing far too much). Whereas the latter is not so bad as the former, it's still exaggerated.... :wink:
Again, we don't know what the OP did. If sudo installthisgreatgame.sh or similar was involved, it may not be too much.
patday8472
Level 2
Level 2
Posts: 56
Joined: Mon Dec 24, 2018 2:08 pm

Re: Firefox Virus

Post by patday8472 »

Not to nick pick, see when does a game cause malware if is from Ubuntu or Linux Mint PPA or even other there suppose to be checked out. That what linux was designed for to help people not get malware or viruses. Yes, I know it technically possible to get a virus in Linux.

This is just theory so don't jump down on it.

I did a 19.1 Linux mint clean installed without installing gksu. I got a malware virus in Opera. Wikipedia links were changing. It started to re-direct to bad sites. So, I reinstalled from a backup that didn't have 19.1 . So far no issues. Is it possible that 19.1 left a port open that shouldn't be. If the OP doesn't have 19.x then it could be from an update. Just for the record before that happened. I didn't visit bad sites. On the backup, I do it a little more than just formating. That would be to hard to explain in writing. Yes, the 19.1 iso past the sum256 check.


The other posters are correct. Either restore from a backup (not timeshift) or do clean reinstall of Linux Mint.
Last edited by patday8472 on Wed Jan 30, 2019 5:48 pm, edited 1 time in total.
User avatar
Pjotr
Level 22
Level 22
Posts: 15912
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Firefox Virus

Post by Pjotr »

patday8472 wrote:
Wed Jan 30, 2019 5:43 pm
I got a malware virus in Opera. Wikipedia links were changing. It started to re-direct to bad sites. So, I reinstalled from a backup that didn't have 19.1 .
It would almost certainly have been enough to simply delete the Opera profile in your user account.
Tip: 10 things to do after installing Linux Mint 20 Ulyana
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
User avatar
Pepi
Level 6
Level 6
Posts: 1030
Joined: Wed Nov 18, 2009 7:47 pm

Re: Firefox Virus

Post by Pepi »

Pjotr wrote:
Wed Jan 30, 2019 4:42 pm
This thread is going from one extreme (doing far too little) to the other extreme (doing far too much). Whereas the latter is not so bad as the former, it's still exaggerated.... :wink:
Non-productive :mrgreen:
User avatar
all41
Level 16
Level 16
Posts: 6573
Joined: Tue Dec 31, 2013 9:12 am
Location: Computer, Car, Cage

Re: Firefox Virus

Post by all41 »

The over-the-top, extreme, exaggerated, nuclear, alternative.
destroy hd.jpg
destroy hd.jpg (9.41 KiB) Viewed 391 times
:wink:
Light travels faster than sound. That's why some people appear smart until you hear what they are saying.
You will seldom see a grey-beard wearing a tinfoil hat.
patday8472
Level 2
Level 2
Posts: 56
Joined: Mon Dec 24, 2018 2:08 pm

Re: Firefox Virus

Post by patday8472 »

Pjotr wrote:
Wed Jan 30, 2019 5:46 pm
patday8472 wrote:
Wed Jan 30, 2019 5:43 pm
I got a malware virus in Opera. Wikipedia links were changing. It started to re-direct to bad sites. So, I reinstalled from a backup that didn't have 19.1 .
It would almost certainly have been enough to simply delete the Opera profile in your user account.
This is just my opinion,

Not necessarily. Can you explain why I never got a malware virus until Linux mint 19.1? I have use both Linux Mint and Ubuntu varieties for the last 10 years. I have even use Puppy Linux (Old versions) at one time. Like I said, I didn't visit bad sites. I have used Opera for long time as well. I am posting this post from Opera in Linux Mint Xfce 18.3

I think I found the bug that caused it but I am not sure. This is going to sound strange. I believe the grub files provided with 19.1 and possibly 19.0 caused this issue. I am not going to recreate it, it was a mess getting out of it. I believe the bad kernel is a separate issue. Thanks to ironically Linux mint install usb boot disk, gparted and MiniTool Partition wizard. I was able to get out of this mess and restore my computer to a time that didn't have 19.1 If it is a different software update, 18.3 will be affected. So far it hasn't happened.
Post Reply

Return to “Other topics”