Avast WEBforum
Other => Viruses and worms => Topic started by: polonus on April 27, 2010, 12:18:38 AM
-
Hi forum friends,
Page opened up: htxp://a1b08eb4.linkbucks.com/
How to get this from your computer? Blocked it with NoScript,
polonus
-
Hi forum friends,
Page opened up: htxp://a1b08eb4.linkbucks.com/
How to get this from your computer? Blocked it with NoScript,
polonus
Did you get this from surfing a hacked site..? http://wordpress.org/support/topic/377664
Or did you mean it opens from your pc? Check your hosts file!
Or didn't i get your question right..?
asyn
-
polonus+infected pc=CONFUSED ??? ???
what is the question,or what do you mean :-\
-
polonus+infected pc=CONFUSED ??? ???
Yes, i wonder, too. :(
But it can happen to all of us unexpected...
asyn
-
Hi Asyn,
It appeared from a site that was apparently hacked, and the redirect would now go exclusively via the LinkBucks. I had NoScript and RequestPolicy installed in that browser, so I had an escape, and I found later that ABP+ is just being circumvented by it (I had ABP+ there too).
Sometimes one can get LinkBucks re-directs through a Conficker worm infection, but there avast would have alterted. What I did is block LinkBucks in NS and RP, also checked the SpywareBlaster snapshot. That did not find any changes to the last time the snapshot of my Vista OS settings was made, I looked for specific dll's, nothing there, nor anything out of the ordinary seen to processes in Process Explorer. This is closest to what I experienced the Rapidshare annoyment:
http://www.technize.com/remove-waiting-time-in-rapidshare-and-other-sites/
SkipScreen, a free firefox extension, comes to help here. SkipScreen is a firefox extension that bypasses the waiting time on Rapidshare and many other sites. The list of sites is given below:
zShare
Mediafire
Sendspace
Sharebee
Rapidshare
Megaupload
DepositFiles
Linkbucks
Link-protector
This add-on is controversial Re: http://www.maximumpc.com/article/news/mediafire_not_too_happy_about_skipscreen_firefox_addon
polonus
-
I wish it is just an annoy made by download websites.
anyway we all get some of those from time to time
-
Hi superhacker,
It is annoying. Here is a removal script for those that have it on their websites:
http://userscripts.org/scripts/review/56273
polonus
-
thanks ;)
-
Hi Superhacker,
Here you have this same code compressed:
var url=document.URL.split("url/")[1];window.location=url;
pol
-
Hi Asyn,
It appeared from a site that was apparently hacked, and the redirect would now go exclusively via the LinkBucks. I had NoScript and RequestPolicy installed in that browser, so I had an escape, and I found later that ABP+ is just being circumvented by it (I had ABP+ there too).
Sometimes one can get LinkBucks re-directs through a Conficker worm infection, but there avast would have alterted. What I did is block LinkBucks in NS and RP, also checked the SpywareBlaster snapshot. That did not find any changes to the last time the snapshot of my Vista OS settings was made, I looked for specific dll's, nothing there, nor anything out of the ordinary seen to processes in Process Explorer.
Hi D, good you could catch it early enough..!! :)
(Malware Domains Filter Abo for AB+ http://malwaredomains.lanik.us/malwaredomains_full.txt)
asyn