LinuxQuestions.org

secretlydead 06-01-2011 01:52 PM

malware in firefox?
 
Hi,

Firefox slowed to a crawl on my computer. I searched using clamav and found a "SearchBar", but eliminating it did not speed it up. I eventually renamed ~/.mozilla and urpme'd then urpmi'd firefox - this brought it back to normal speed.

However, I'm guessing there is some malware in my old configuration files and that those signatures should be added to clamav, and also, that desktop systems have clamd installed and running on them by default.

What should I do now?

ButterflyMelissa 06-01-2011 02:10 PM

Possibly not...I had the same thing, but I had to clean out the downloads list. Does FF do this: slow down to a crawl, lotsa disk activity then "pick up" again? If so, try to clean up the download list.

FF uses sqlite to access/build the download list (it is a database...) so you may see this in the ps -A list too...

Luck

Thor

Joe of Loath 06-01-2011 02:10 PM

Any malware running on Firefox on Linux will have to be cross platform - EG a browser addon. Did you try running Firefox in safe mode?

craigevil 06-01-2011 02:19 PM

Try installing and using Bleachbit.

BleachBit deletes unnecessary files to free valuable disk space, maintain
privacy, and remove junk. It removes cache, Internet history, temporary files,
cookies, and broken shortcuts.

It handles cleaning of Adobe Reader, Bash, Beagle, Epiphany, Firefox, Flash,
GIMP, Google Earth, Java, KDE, OpenOffice.org, Opera, RealPlayer, rpmbuild,
Second Life Viewer, VIM, XChat, and more.

Beyond simply erasing junk files, BleachBit wipes free disk space (to hide
previously deleted files for privacy and to improve compression of images),
vacuums Firefox databases (to improve performance without deleting data), and
securely shreds arbitrary files.
Homepage: http://bleachbit.sourceforge.net

or Nixory - Antispyware tool for Firefox, IE, Chrome - http://nixory.sourceforge.net/
Quote:

Nixory is a free and open source antispyware tool written in Python/PyGTK aimed at removing malicious tracking cookies from your browser. It currently supports Mozilla Firefox, Internet Explorer and Google Chrome. It runs on all OS, including Windows, Linux and MacOSX.
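
The database vacuuming mentioned in the post above can be reproduced with Python's built-in `sqlite3` module. This is an added example, not part of the thread and not BleachBit's code; the profile directory, the `downloads` table and the sample files are constructed for illustration, and the browser is assumed to be closed while it runs.

```python
import os
import sqlite3
import tempfile


def vacuum_profile(profile_dir):
    """VACUUM each *.sqlite file; return {name: (bytes_before, bytes_after)}.

    bytes_after is None if the file is locked, damaged, or not a database.
    """
    report = {}
    for name in sorted(os.listdir(profile_dir)):
        path = os.path.join(profile_dir, name)
        if not (name.endswith(".sqlite") and os.path.isfile(path)):
            continue
        before, done = os.path.getsize(path), False
        conn = sqlite3.connect(path, timeout=1, isolation_level=None)
        try:
            # Never rewrite a database that fails its own consistency check.
            if conn.execute("PRAGMA integrity_check").fetchone()[0] == "ok":
                conn.execute("VACUUM")  # rebuilds the file without free pages
                done = True
        except sqlite3.DatabaseError:
            pass  # locked or unreadable: leave the file untouched
        finally:
            conn.close()
        report[name] = (before, os.path.getsize(path) if done else None)
    return report


def build_sample_profile(root):
    """Constructed test data, not Firefox's real schema."""
    conn = sqlite3.connect(os.path.join(root, "downloads.sqlite"), isolation_level=None)
    conn.execute("CREATE TABLE downloads (id INTEGER PRIMARY KEY, source TEXT)")
    conn.execute("BEGIN")
    rows = (("http://example.invalid/" + "x" * 500,) for _ in range(2000))
    conn.executemany("INSERT INTO downloads (source) VALUES (?)", rows)
    conn.execute("COMMIT")
    conn.execute("DELETE FROM downloads")  # leaves about 1 MB of free pages
    conn.close()
    with open(os.path.join(root, "corrupt.sqlite"), "wb") as fh:
        fh.write(b"not a database" * 20)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as demo:
        build_sample_profile(demo)
        for name, (before, after) in vacuum_profile(demo).items():
            print(f"{name}: {before} -> {after}")
```

A file reported with `None` was not modified; on a renamed profile such as the old `~/.mozilla` from the first post, that marks the databases worth inspecting by hand.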

John VV 06-01-2011 10:33 PM

that search bar might be from oracle's java install

if you are not using the one in your distro's repo.

there is also an Apple Mac virus that will run (but not install) on linux. A reboot removes it.

Now "slowing to a crawl"
could be ff prefetching links on whatever site you were on and one of the "prefetched" had a mess of advertising or a video, or something

win32sux 06-01-2011 11:57 PM

Quote:

Originally Posted by Joe of Loath (Post 4373371)
Any malware running on Firefox on Linux will have to be cross platform

This sounds kinda weird. Care to elaborate?

ButterflyMelissa 06-02-2011 01:14 AM

Quote:

could be ff prefetching links on whatever site you were on and one of the "prefetched" had a mess of advertising or a video, or something
That too, of course...it could be a clever idea to set the home page to something more static (www.linuxmanpages.com for example) to have a clean start up...eh, just me thinking out loud way too early in the morning...

Joe of Loath 06-02-2011 05:10 AM

Quote:

Originally Posted by win32sux (Post 4373766)
This sounds kinda weird. Care to elaborate?

Sorry, I didn't explain fully. Since most malware is written for Windows, the only malware I know of that's out there which will run on Linux has to be cross platform, since there isn't much written for Linux itself. Especially in the realm of browser *sploits, since most Linux desktops are pretty well locked down, as well as being used by technical users and kept up to date. Not to mention the fact that everyone and their mother prefers a different browser. It's not like Windows :D

John VV 06-02-2011 04:57 PM

Quote:

Care to elaborate
cross platform even on windows to get the same code to do the same thing in IE7,IE8,IE9 and in FF3.6 and ff4 AND opera
is hard but is being done

about 2 months ago a notice went out that a Windows/Mac virus for FF was by sheer random chance able to run ( but NOT install - ran in ram )
to uninstall it on linux -- reboot

personally I am more worried about a rootkit than a virus
but some of the javascript stuff ?? who knows. But rebooting will stop that stuff, seeing as it would be running in system ram and not installed.

Right now just doing the normal everyday basics will keep all but the most determined "cracker" off your system
run no-script
run Adblock Plus
link ~/.macromedia/Flash_Player/#SharedObjects to /dev/null
type in the web address from the advertising that pops up and DO NOT click on the advertising
stay updated
do not run the gui as root
-- and so on --


All times are GMT -5.