I've been hit by the Partner18mydomainadvisor malware...

[rokytnji]

If this is one of those drive by surfing malware thingies just for windows. If concerned.
You can compare your ~/.mozilla folder contents with mine to see if any
~/.mozilla folder contents to mine. See if anything stands out to you.
Mine is malware free.

Code:

harry@biker1:~$ cd .mozilla
harry@biker1:~/.mozilla$ ls
extensions  firefox
harry@biker1:~/.mozilla$ cd firefox
harry@biker1:~/.mozilla/firefox$ ls
026tshko.default  Crash Reports  profiles.ini
harry@biker1:~/.mozilla/firefox$ cd 026tshko.default
harry@biker1:~/.mozilla/firefox/026tshko.default$ ls
adblockedge           healthreport             places.sqlite-wal
addons.json           healthreport.sqlite      pluginreg.dat
blocklist.xml         healthreport.sqlite-shm  prefs.js
bookmarkbackups       healthreport.sqlite-wal  search.json
cert8.db              key3.db                  secmod.db
compatibility.ini     lightweighttheme-footer  sessionCheckpoints.json
content-prefs.sqlite  lightweighttheme-header  sessionstore.bak
cookies.sqlite        localstore.rdf           sessionstore.js
cookies.sqlite-shm    lock                     signons.sqlite
cookies.sqlite-wal    logins.json              storage
crashes               lwtheme                  times.json
extensions            mimeTypes.rdf            useragentswitcher
extensions.ini        minidumps                webapps
extensions.json       netpredictions.sqlite    webappsstore.sqlite
fftmp                 permissions.sqlite       webappsstore.sqlite-shm
formhistory.sqlite    places.sqlite            webappsstore.sqlite-wal
gm_scripts            places.sqlite-shm        WOT
harry@biker1:~/.mozilla/firefox/026tshko.default$

Also my /home folder.

Code:

harry@biker1:~$ ls -a
.                    .dbus            icons         screeny
..                   Desktop          .icons        Templates
.adobe               .dmrc            Images        .themes
.asoundrc            Documents        isos          .thumbnails
.audacity-data       Downloads        .lastpass     Videos
.bash_history        .fonts           .local        Wallpaper
.bashrc              .gconf           .macromedia   .weather.sh
Books                .gimp-2.8        .moc          .Xauthority
.cache               .gksu.lock       .mozilla      .xscreensaver
ChromeOS_recoverysh  .gstreamer-0.10  .mp3splt-gtk  .xsession-errors
.config              .gtk-bookmarks   Music         .xsession-errors.old
.conkyrc             .gtkrc-2.0       Pictures
.conkyrcbk           .I

Honestly. I don't think your malware what ever can get past /home to / root but that is just my opinion being unfamiliar with this malware.