Is my browser getting hijacked?
For the past week I have been getting redirected from the duckduckgo search engine; it is my default search engine. When I type in a url, I get a "duckduckgo" page saying "these are not our extensions". Whenever I try to type in a new url, it gives me the same page; no way to "accept" the page and then use the search engine.
https://help.duckduckgo.com/add-ons/removal/ It is constantly coming up when I come online. Is anyone else getting this? debian 10. |
nope
try ( from command line ) Code:
firefox --safe-mode then work out where it came from and how to stop it coming back |
Quote:
What is it if not something malicious? Is it possible that someone is sending this to my computer from their computer? "Add-ons Removing unofficial add-ons We've recently discovered some malicious Chrome extensions, often with the word "video" in the name, are incorrectly sending searches to DuckDuckGo and Bing. Some of the names we've seen are "My Video Grid", "Video Tips", and "My Vital Video". DuckDuckGo is in no way affiliated with these extensions. However, we would like to help you resolve this issue. Below are instructions on how to remove such extensions: Open Google Chrome. Click on the "More" button in the top right of your browser (it looks like three vertical dots)............." |
ah, ok
I don't know why I blindly assumed firefox I don't know how you would start chromium in the --safe-mode equivalent but it does look like you have a rogue extension installed on it Blind longshot Code:
mv ~/.chromium ~/.chromium-suspect /usr/share/chromium/extensions ~/.chromium might not exist, it is a guess on my side if you start chromium again and all is well then the culprit is in ~/.chromium-suspect Code:
find ~/.chromium-suspect |
Not sure yet if it is a re-direct or hijack of some kind or simply a complaint about some extension.
This exact phrase seems to show no web answer that I can find. "these are not our extensions" |
Quote:
|
Quote:
I'm not sure what your question is...have you followed those directions to remove the add-ons? If not, why not? |
if I use duckduckgo I get what I would expect
so yes, it would appear you have a problem. have you moved ~/.chromium yet? is it still a problem? Let us eliminate a rogue extension and then move on to something else if it proves not to be that. |
Quote:
I tried your first "blindshot" command, didn't work; no such file / directory. Tried the 2nd, it was working or hanging, but I decided to restart chromium and shut all tabs. I noticed that if I type in a specific url, it takes me to the correct page. But if i type in a search term in the url/ address bar, that's when i get the redirect. If I type in the same search term in duckduckgo's search engine "box", I don't get the problem. Before the redirects started happening over the last few weeks, when I would type something into the url bar, it didn't give me a search engine output; I think it just didn't answer the query, but no redirect. How do i "move" `/.chromium ? You mean just type in command bash? I will do it again now. Thanks. |
Appears that PDF VIEWER is malware: https://www.virusguides.com/uninstall-pdf-viewer/
|
Quote:
|
Quote:
|
Quote:
if you didn't succeed with moving ~/.chromium that is what I would expect. what did you expect? |
Quote:
|
stop...
you are running off doing random things no mention of ads popping up in your OP why do you think the PDF viewer has anything to do with it? so, please stop, calm down, chill. I will install chromium and find out where is stores the users extensions, my guess may have been wrong. but please, lets do things step by step, following instructions on random FUD blog pages are not going to help as soon as you see "download our virus scan" , close that page |
All times are GMT -5. The time now is 08:24 AM. |