LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-25-2015, 10:00 AM   #31
rtmistler
Moderator
 
Registered: Mar 2011
Location: Sutton, MA. USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu
Posts: 4,636
Blog Entries: 10

Rep: Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680

It does and doesn't sound like malware. To me it sounds like ads and such being allowed to run in your browser. I always install AdWatch and NoScript, there are other add-ons, but I install add ons intended to limit what is allowed to be run in a web page, this has always helped me immensely.

Couple of things to try. First, try the add-ons and see if they can clean this up and resolve it. Next, save any bookmarks, un-install fully Firefox and then re-install it. Put in some add-ons to block scripts and ad pop ups and use those.

Sounds like you've already done the un-install/re-install. I suspect that you had an add-on which the writers of it are all fine with, but your common user is not because all it is, is a self serving add.

I personally use Ad Block Plus and No Script.

And if you hadn't done an un-install/re-install I'd recommend you check to see what add-ons you have installed because maybe an actual malware add-on got installed and this is why you're seeing these problems.
 
Old 02-25-2015, 10:02 AM   #32
jross
Member
 
Registered: Apr 2014
Distribution: Xubuntu 14.04
Posts: 164

Rep: Reputation: Disabled
Do you have java installed? Someone brought that up in the thread, and so it would be nice to know if that was involved.
 
Old 02-25-2015, 12:43 PM   #33
loshakova
Member
 
Registered: Apr 2012
Posts: 103

Original Poster
Rep: Reputation: Disabled
@rtmistler: I uninstalled and re-installed Firefox twice yesterday. I also cleaned out my cache/cookies/history and installed AdBlock Plus. None of that worked until I did the malware scan, and the scan found 6 pieces of malware, so I suspect that it was in fact a malware issue. I just checked anyway, and there are no unfamilar extensions. I have very few.

@jross: I checked, and I seem to have Java 7 installed. Should I remove it? On Firefox, I have the Iced Tea web plug-in, which uses Java. I didn't install it myself -- I think it came with the browser. Is that bad? Should I set it to "never activate"? There are several media players there that I don't remember installing, actually, so either they came with Firefox or they are unwanted guests. If there is one you know of that's trustworthy, I can set all the others to "never activate" and see if that will help. The only one that is currently on "always activate" is Open H264 Video Codec provided by Cisco Systems, Inc. I do watch Amazon Prime videos, so I need something that will play those.
 
Old 02-25-2015, 12:48 PM   #34
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,396

Rep: Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017
Quote:
Originally Posted by loshakova View Post
@rtmistler: I uninstalled and re-installed Firefox twice yesterday. I also cleaned out my cache/cookies/history and installed AdBlock Plus. None of that worked until I did the malware scan, and the scan found 6 pieces of malware, so I suspect that it was in fact a malware issue.
Where were those files?
Uninstalling a browser does not remove your profile information (including, for example, a fake proxy configuration that points all web requests to a third party server where they can be intercepted). As we said before, you should have just switched to a clean browser profile, since that's probably the only thing that was infected.
 
Old 02-25-2015, 01:10 PM   #35
ardvark71
LQ Veteran
 
Registered: Feb 2015
Location: Oregon, USA
Distribution: Lubuntu 14.04, Windows Vista
Posts: 5,869
Blog Entries: 3

Rep: Reputation: 791Reputation: 791Reputation: 791Reputation: 791Reputation: 791Reputation: 791Reputation: 791
Quote:
Originally Posted by loshakova View Post
I checked, and I seem to have Java 7 installed. Should I remove it?
Hi...

If it's in no way involved with the infection, I would keep it.

Regards...

Last edited by ardvark71; 02-25-2015 at 04:05 PM. Reason: Correction.
 
Old 02-25-2015, 01:56 PM   #36
loshakova
Member
 
Registered: Apr 2012
Posts: 103

Original Poster
Rep: Reputation: Disabled
@suicidal egg roll: Could you tell me how to switch to a clean browser profile?
 
Old 02-25-2015, 02:02 PM   #37
elija
Member
 
Registered: Jul 2008
Location: The garden of England. Technically, the compost heap.
Distribution: openSUSE Tumbleweed
Posts: 59

Rep: Reputation: 21
Quote:
Originally Posted by loshakova View Post
@suicidal egg roll: Could you tell me how to switch to a clean browser profile?
Close the browser and run the command mv ~/.mozilla ~/.mozilla_saved and restart the browser. That will give you a completely fresh start.
 
Old 02-25-2015, 02:02 PM   #38
rtmistler
Moderator
 
Registered: Mar 2011
Location: Sutton, MA. USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu
Posts: 4,636
Blog Entries: 10

Rep: Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680Reputation: 1680
Quote:
Originally Posted by loshakova View Post
@suicidal egg roll: Could you tell me how to switch to a clean browser profile?
I'm sure suicidaleggroll will also answer, my 2 cents is that you uninstall Firefox telling it to remove it completely, for instance on the command line you can do things like:
Code:
apt-get purge packagename
or:
apt-get remove --purge packagename
Since you've already un-installed and re-installed, this step might not be needed.

And then remove the .mozilla directory from your user home, you can rename it to save what it has and then later get rid of it once you grab information like bookmarks and stuff from it.

Last edited by rtmistler; 02-25-2015 at 02:04 PM.
 
Old 02-25-2015, 02:29 PM   #39
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,396

Rep: Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017Reputation: 2017
As they said above, firefox stores all of its profile data in ~/.mozilla/. So just delete or rename that directory and launch firefox to start with a clean profile.
 
Old 02-25-2015, 03:35 PM   #40
loshakova
Member
 
Registered: Apr 2012
Posts: 103

Original Poster
Rep: Reputation: Disabled
I'm going to mark this as solved, because it seems to be for the moment. I will open a new thread if more issues crop up later. Thanks, everyone.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Spyware Malware removal software in Linux Mint? Novatian Linux - Security 4 12-13-2014 09:17 AM
Malware infection in Linux snatale1 Linux - Software 12 01-12-2012 02:29 PM
[SOLVED] malware scanner for Mint? catilley1092 Linux - Security 5 03-28-2010 12:22 AM
[SOLVED] May have contracted malware. Yes, malware. Firefox on Ubuntu Fiesty. Seeking a fix drachenchen Linux - Security 22 08-17-2008 01:05 PM
May have contracted malware. Yes, malware. Firefox on Ubuntu Fiesty. Seeking a fix drachenchen Linux - Security 1 06-12-2008 05:10 AM


All times are GMT -5. The time now is 06:32 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration