Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firefox 44.0.2 acting funning after following link.


  • Please log in to reply
18 replies to this topic

#1 SuperSapien64

SuperSapien64

  • Members
  • 934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:48 PM

Posted 25 February 2016 - 04:24 AM

For the last few days now my Firefox has been acting up after trying download Zorin OS from the website, some of the bugs I've noticed have been when I'm listening to podcast or news on YouTube while browsing wallpaper sites and if I click the middle scroll wheel on an image on a wallpaper site it loads the YT video I'm listening to in that tab. Also just last night I went to Urban Dictionary the whole browser glitched out and it kinda looked like it was in full screen mode because different elements weren't visible such as the tabs,bookmarks bar and add-ons. And I didn't really notice any major bugs until was redirected here https:// bit.ly/91core64 on the Zorin OS website.

 

 

 

 

Linux Mint Cinnamon 17.1 64bit

Firefox 44.0.1


Edited by SuperSapien64, 25 February 2016 - 04:37 AM.


BC AdBot (Login to Remove)

 


#2 Al1000

Al1000

  • Global Moderator
  • 7,875 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:02:48 AM

Posted 25 February 2016 - 06:29 AM

The url you posted leads to sourceforge.net.

Please post the full url of the web page you are referring to.

Edited by Al1000, 25 February 2016 - 06:29 AM.


#3 Guest_GNULINUX_*

Guest_GNULINUX_*

  • Guests
  • OFFLINE
  •  

Posted 25 February 2016 - 01:08 PM

First of all:
That bit.ly url is a legit url to download the Zorin OS 9 Core x64, see this page.
 
Second:
SuperSapien64, just saying...
You are aware that the "middle click" has a paste function for anything that is highlighted (or copied) on Linux?
 
Example: Highlight following text, no need to copy it just leave it highlighted!

I believe you!

Now open any text editor or even the terminal and middle click on an empty space...

Could that explain some of the weird behavior?

 

Third:

In Firefox (44.0.2) I cannot replicate your issue.

If I middle click an image it opens in a new tab, if I left click it opens in the same tab...

Maybe look in the Firefox Preferences-General "Tabs" if it matches the behavior you want!

"F11" gives me full screen mode or gets me out of it. Could you have hit the key accidentally?

 

I hope this helps or at least gives you some extra info!  :wink:

 

Greets!



#4 SuperSapien64

SuperSapien64
  • Topic Starter

  • Members
  • 934 posts
  • OFFLINE
  •  
  • Gender:Male

Posted 25 February 2016 - 06:36 PM

The url you posted leads to sourceforge.net.

Please post the full url of the web page you are referring to.

https://bit.ly/91core64 the most recent Web Of Trust user reviews says this domain is fishy https://bit.ly

 

First of all:
That bit.ly url is a legit url to download the Zorin OS 9 Core x64, see this page.
 
Second:
SuperSapien64, just saying...
You are aware that the "middle click" has a paste function for anything that is highlighted (or copied) on Linux?
 
Example: Highlight following text, no need to copy it just leave it highlighted!

I believe you!

Now open any text editor or even the terminal and middle click on an empty space...

Could that explain some of the weird behavior?

 

Third:

In Firefox (44.0.2) I cannot replicate your issue.

If I middle click an image it opens in a new tab, if I left click it opens in the same tab...

Maybe look in the Firefox Preferences-General "Tabs" if it matches the behavior you want!

"F11" gives me full screen mode or gets me out of it. Could you have hit the key accidentally?

 

I hope this helps or at least gives you some extra info!  :wink:

 

Greets!

Part of the reason I suspected that link of being malicious is because Fox Web Security said it was suspicious domain by Comodo DNS. And yes after copying a url and middle clicking on a wallpaper image in Firefox it loaded the url so thanks. :thumbup2:

Also I made typo I meant to say Firefox 44.0.2 that I'm running. No I didn't accidentally hit the F11 key fullscreen mode was the best way to describe it's appearance because when I moved the cursor over the tabs, bookmarks toolbar and other elements they became visible but all distorted, maybe it was a fluke.



#5 Al1000

Al1000

  • Global Moderator
  • 7,875 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:08:48 PM

Posted 26 February 2016 - 04:03 AM

https://bit.ly/91core64 the most recent Web Of Trust user reviews says this domain is fishy https://bit.ly


People don't know what site they're going to unless you use the site's full url, like this:

https://sourceforge.net/projects/zorin-os/files/9/zorin-os-9.1-core-64.iso/download

or this:

link

#6 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,372 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:02:48 AM

Posted 26 February 2016 - 04:26 AM

 

https://bit.ly

is a url shortner.

You can preview the Bitlink before clicking on it.

To do this, simply add a + sign to the end of any Bitlink in your browser

 

EG

https://bitly.com/91core64+


#7 Al1000

Al1000

  • Global Moderator
  • 7,875 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:11:48 AM

Posted 26 February 2016 - 04:31 AM

To do this, simply add a + sign to the end of any Bitlink in your browser


That's interesting. I didn't know that.

I see these shortened urls all the time on Twitter, but don't see the point of using them on Bleeping Computer.

#8 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,372 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:02:48 AM

Posted 26 February 2016 - 04:37 AM

By doing it that way you shorten links and can track how many hits it gets etc.

 

EG.

Traffic
292,297
total clicks

292,296 clicks (>99.9%) on this Bitlink

1 clicks (<0.1%) on other Bitlinks to this content

Edited by NickAu, 26 February 2016 - 04:48 AM.


#9 Al1000

Al1000

  • Global Moderator
  • 7,875 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:11:48 AM

Posted 26 February 2016 - 05:19 AM

can track how many hits it gets


That's interesting too. I didn't know that either.

The fact remains though that people would have to add a "+" sign and browse to bitly.com (assuming they know to do so) just to see what site the link is to, whereas they only need to read the link if the full url is posted.

#10 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,018 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:02:48 AM

Posted 26 February 2016 - 05:54 AM

 

https://bit.ly/91core64 the most recent Web Of Trust user reviews says this domain is fishy https://bit.ly


People don't know what site they're going to unless you use the site's full url, like this:

https://sourceforge.net/projects/zorin-os/files/9/zorin-os-9.1-core-64.iso/download

or this:

link

 

 

uBlock Origin is blocking these Zorin OS links for my safety on both Firefox & Google Chrome, so don't know what's going on. 

 

Being that two browsers has blocked access, usually means something's up. 

 

Here's the Zorin OS site, the home page, it comes up, if that's the wanted content. Those others are 3rd party links via Sourceforge. I get my Linux download links from the distro site, not a 3rd party one, though the download mirrors will often be 3rd party hosts. 

 

http://zorinos.com/

 

EDIT: Even the Zorin home page gives the same warning when clicking the download links. Evidently Zorin doesn't use the same mirrors that other Linux distros does. 

 

Cat


Edited by cat1092, 26 February 2016 - 06:15 AM.

Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#11 SuperSapien64

SuperSapien64
  • Topic Starter

  • Members
  • 934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:48 PM

Posted 26 February 2016 - 06:36 PM

 

 

https://bit.ly/91core64 the most recent Web Of Trust user reviews says this domain is fishy https://bit.ly


People don't know what site they're going to unless you use the site's full url, like this:

https://sourceforge.net/projects/zorin-os/files/9/zorin-os-9.1-core-64.iso/download

or this:

link

 

 

uBlock Origin is blocking these Zorin OS links for my safety on both Firefox & Google Chrome, so don't know what's going on. 

 

Being that two browsers has blocked access, usually means something's up. 

 

Here's the Zorin OS site, the home page, it comes up, if that's the wanted content. Those others are 3rd party links via Sourceforge. I get my Linux download links from the distro site, not a 3rd party one, though the download mirrors will often be 3rd party hosts. 

 

http://zorinos.com/

 

EDIT: Even the Zorin home page gives the same warning when clicking the download links. Evidently Zorin doesn't use the same mirrors that other Linux distros does. 

 

Cat

 

Thats strange Ublock Origin isn't blocking those links for me and I have all the Malware domains checked. Either way I still think those links are suspicious and I might have been infected by them.



#12 pcpunk

pcpunk

  • Members
  • 5,977 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:08:48 PM

Posted 26 February 2016 - 09:19 PM

This might not be very technical, but I always have good luck with Clamav scans.  I Quarantine anything that is not important, especially Browser Stuff in your situation.  Perhaps this is just a Browser Infection and this will clean it up for you.  After this is done I always Re-boot.  If you are unsure about a file post back before before you Delete it.  You can always replace the Quarantined file if things are not working properly.  People always say Clamav is only for Windows Infections, and was designed for email applications, but it always works for me.  So perhaps some of these Windows infections still affect us somehow.  I always get CVE's in Browser files for some reason.


Edited by pcpunk, 26 February 2016 - 09:29 PM.

sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#13 SuperSapien64

SuperSapien64
  • Topic Starter

  • Members
  • 934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:48 PM

Posted 26 February 2016 - 10:52 PM

This might not be very technical, but I always have good luck with Clamav scans.  I Quarantine anything that is not important, especially Browser Stuff in your situation.  Perhaps this is just a Browser Infection and this will clean it up for you.  After this is done I always Re-boot.  If you are unsure about a file post back before before you Delete it.  You can always replace the Quarantined file if things are not working properly.  People always say Clamav is only for Windows Infections, and was designed for email applications, but it always works for me.  So perhaps some of these Windows infections still affect us somehow.  I always get CVE's in Browser files for some reason.

Well I scanned with ClamTK (PUAs enabled) and I quarantined this /home/mkmint/.config/chromium/Default/Extensions/jeoacafpbcihiomhlakheieifhpjdfeo/5.18.23_0/scripts/vendor/tipped/tipped.js (everything else was a false positive) but after doing that I had difficulty trying to open Keepas2 so I restored it. Also my friend made a good point today maybe it's a video driver issue that I'm experiencing, it's been over two years since I had Windows on my Lenovo ThinkPad Edge laptop and I haven't been able to update the firmware since. About a three weeks ago I was having performance issues on my laptop and I had to change some settings in Linux Mint Cinnamon and my Bios to fix it.


Edited by SuperSapien64, 26 February 2016 - 11:12 PM.


#14 raw

raw

    Bleeping Hacker


  • Members
  • 2,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:08:48 PM

Posted 26 February 2016 - 11:52 PM

 

uBlock Origin has prevented the following page from loading:

 

 

Because of the following filter

||sourceforge.net^$document

Found in: uBlock filters – Badware risks

 

ublock origin blocks sourceforge because after the new owners took over they started

bundling crapware in the installers.

A lot of devs abandoned their SF projects and moved to git.

VLC vs Sourceforge: https://blog.l0cal.com/2015/06/02/what-happened-to-sourceforge/

GIMP vs Sourceforge: http://libregraphicsworld.org/blog/entry/anatomy-of-sourceforge-gimp-controversy

When I need something from SF i just hit the disable button 'temporarily' or

go to Linux Tracker if you would rather use P2P.

http://www.linuxtracker.org/category/zorin


rawsig.png

 rawcreations.net          @raw_creations


Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.


#15 SuperSapien64

SuperSapien64
  • Topic Starter

  • Members
  • 934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:48 PM

Posted 27 February 2016 - 12:00 AM

 

 

uBlock Origin has prevented the following page from loading:

 

 

Because of the following filter

||sourceforge.net^$document

Found in: uBlock filters – Badware risks

 

ublock origin blocks sourceforge because after the new owners took over they started

bundling crapware in the installers.

A lot of devs abandoned their SF projects and moved to git.

VLC vs Sourceforge: https://blog.l0cal.com/2015/06/02/what-happened-to-sourceforge/

GIMP vs Sourceforge: http://libregraphicsworld.org/blog/entry/anatomy-of-sourceforge-gimp-controversy

When I need something from SF i just hit the disable button 'temporarily' or

go to Linux Tracker if you would rather use P2P.

http://www.linuxtracker.org/category/zorin

 

Oh yes Ublock Origin blocks SourceForge I thought we were talking about this link https://bit.ly because Ublock Origin doesn't block that.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users