Out in a rage I typed just nonsense in Firefox, specifically this fggdfkn.net
And I was redirected to a search of searchguide.level3.com Then I got “connection was restarted”
I googled it and found THIS IS A **** VIRUS!! A browser hijacker!
So the simple fact of mistyping url addresses or nonsense in latest firefox on Leap leads to virus!!
PLEASE HELP!! I’m NOT allowed to re instalk Leap here, and if they get a word of this I’ll definitely get kicked out of this place!!
Worst of all, I’m still nbot getting any synptoms at all, so I cannot diagnose anything!
I cannot evbden typwe properly!
Many ISPs will re-direct nonsense or unresolvable names to a webpage provided by your ISP, and this appears to be what happened (your ISP is level3)
This does not result in some kind of malware infection.
Yes, there are a great many domain names associated with viruses (and yes, there is no such thing as a computer “virii” which is medically related) but unless you visit <and> are vulnerable to the specific malware, nothing will happen.
If you google searchguide.level3.com you’ll only find results telling it’s a virus from hell and similar. Why would many bother to say this if it was just sort of a “joke”?
This means level3 guys have been so naive to get infected in one of their subdomains! level3 website doesn’t even have https!
And, you say only if I were vulnerable. How the heck can I know that!? I just took the VERY FEW limited actions I could: delete firefox cache and profile, power off system and unplug AC cable. Then start up again. And of course I NEVER ever run applications as root. But I’m still worried because here in the place we get a static public IP address from ISP…
No,
The point is that if you were redirected to the level3 webpage, then you never actually went to the suspect website.
If you went <only> to the Level3 webpage and no further, then you never touched the website with potential malware.
As for whether you might be vulnerable to whatever malware <if> you actually touched that website, who knows?
But if you didn’t touch the website, then this question is moot.
Hi
I suggest you refrain from posts like this, Forum users are not all in the time zone as you, try to be a little more patient, else I see in your future the potential for Forum users to stop replying to your threads and issues…
On Fri, 20 Oct 2017 17:36:01 +0000, F style wrote:
> Out in a rage I typed just nonsense in Firefox, specifically this
> fggdfkn.net And I was redirected to a search of searchguide.level3.com
> Then I got “connection was restarted”
>
> I googled it and found THIS IS A **** VIRUS!! A browser hijacker!
> So the simple fact of mistyping url addresses or nonsense in latest
> firefox on Leap leads to virus!!
>
> PLEASE HELP!! I’m NOT allowed to re instalk Leap here, and if they get a
> word of this I’ll definitely get kicked out of this place!!
> Worst of all, I’m still nbot getting any synptoms at all, so I cannot
> diagnose anything!
> I cannot evbden typwe properly!
>
> Pleasde help1!!
Step 1: Don’t panic.
A “browser hijacker” is simply an ISP taking a non-resolvable domain and
redirecting you to a page that gives you a search option (typically)
rather than just dumping you on a “domain not found” page in your
browser. This is a totally standard practice that most modern ISPs use.
The fact that you use Level3 as your ISP (most likely - or are simply the
upstream provider to your ISP if you use a small ISP) means that they’re
just trying to help you. It’s a DNS method of saying “sorry, what did
you mean?”.
On Fri, 20 Oct 2017 23:16:01 +0000, F style wrote:
> malcolmlewis;2842426 Wrote:
>> So it just a browser hijacker…
> “JUST”?
> So am I already considered filthy wacko just like malcolm said, and thus
> I or my issues are no longer taken with importance?
Calm down, and stop putting words in peoples’ mouths. Malcolm said
nothing of the kind.
People are trying to explain to you that this is not something to worry
about. It’s a standard practice that ISPs engage in. It’s not malware,
it’s not a virus. The hits you found on Google are people who don’t
understand what DNS redirection is.
Would you rather that everyone panic along with you about something
that’s not worth panicking about? Or would you rather learn from those
with more experience?
With a login at a VT (<Ctrl-Alt-F1> . . . <Ctrl-Alt-F6>) remove everything in “~/.cache/”; ‘cd’ to “/tmp/” – remove everything there owned by the concerned user; ditto in “/var/tmp/”.
You can do all that to completely clear the cache, but in practice any time you reload/refresh a page manually, the browser is supposed to fetch the page afresh from the remote site and not from the cache.