Ubuntu
firefox package

Can't get rid of this bindwood malware

Asked by Misterfixit

Something called Bindwood has attached itself to my Ubuntu Firefox installation. It crashes FF everytime I open FF except when I disable all extensions. When I open FF with extensions, Bindwood attempts to send all of my bookmarks, passwords and so forth to some unknown web site. This is evidently either a Malware or Trouble Ware or some other kind of POS that I don't want or need on my system. I've used Aptitude to completely remove FF and all componebts and then reinstall, but this Eviolware continues to show up. Anyone got a clue on this POS application???

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu firefox Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Stefan Eggers (stefan-eggers) said : 		#1

Seems to be legitimate software at first glance: https://launchpad.net/bindwood

Go to "System -> Administration -> Synaptic Package Manager", look/search for packages named "bindwood" and/or "xul-ext-bindwood", mark them for uninstallation and then apply this. It should be gone then I think.

Revision history for this message
actionparsnip (andrew-woodhead666) said : 		#2

just rename the ~/.mozilla folder then rerun. You will have a virgin profile. You can copy your bokmarks from the old profile to the new using nautilus. You will need to reinstall addons etc but it WILL work.

Revision history for this message
Soul-Sing (soulzing) said : 		#3

Please romove all cookies.

Revision history for this message
Tom (tom6) said : 		#4

Hi :)

As ActionParsnip said just get to a command-line
https://help.ubuntu.com/community/UsingTheTerminal#Starting%20a%20Terminal

mv ~/.mozilla ~/.mozilla.pos160410

Then when you open FireFox it should be all new. Now try

Edit - Preferences - Privacy

& at the bottom click on "Clear Now" to completely clear all the passwords, cookies, histories & stuff that shouldn't be there anyway with this fresh mozilla profile. Then try

Tools - AddOns

and see if it has somehow lurked it's way back in. If so then disable it and restart FireFox. Do the "Clear Now" thing again

Also it might be worth installing clamtk to do a virus scan, preferably it's recursive scan of the home folder.

Remember you can always use a LiveCd session to do a virus scan from
https://help.ubuntu.com/community/LiveCD
and install clamtk to that so that you can be 100% certain you are running from a system that can't be compromised

Please let us know how any of this goes!
Good luck and regards from
Tom :)

Revision history for this message
DesertJim (jcrmassey) said : 		#5

I had similar problems, I'm using 64 bit Ubuntu 10.04 and firefox 3.6.8 for Ubuntu. It kept asking me to log in with Username and password, only option was to disable it as it won't uninstall from FF Add Ons menu. Now everything is fine.

Only problem is I never asked to install it or sync with a couchDB, my personal belief is it came with Ubuntu one and failed during install, can't prove it though.

Revision history for this message
Tom (tom6) said : 		#6

Hi

Sorry to heqar this is still a problem with 10.04. Do you have /home on a separate partition? If so can you delete the mozilla user profile as suggested but then do a reinstall of Ubuntu without risking your other normal data&settings?

Regards from Tom :)

Revision history for this message
Tom (tom6) said : 		#7

Hi :)

Ahh, good to hear you fixed it. Have you tried uninstalling it from Synaptic Package Manager rather than from inside FF? Possibly the command-line uninstaller might do the job better as it can help you clear the cache and everythign more easily sometimes. Synaptic does ahve the options buried away in the menu's but it's not easy to find the options at first

Good lucka nd regards from Tom :)

Can you help with this problem?

Provide an answer of your own, or ask Misterfixit for more information if necessary.

To post a message you must log in.