1 2 Previous Next 15 Replies Latest reply on Apr 15, 2013 12:38 PM by Peter M

    Browser hijack


      Hi, folks. Just joined and needing your help to resolve a problem.


      Browsers on my pc and laptop have been hijacked by Linkbucks.com. When surfing, clicking on any links are redirected to this crowd. Seems to be associated with malware but Mcafee scans on both come up clean. I've checked the web - there does not appear to be any easy fix. Lots of complicated routes to take but not all seem to work apparently.


      Has anyone suffered the same and found a solution ?   Apologies if there is already a thread previously running on this subject.



        • 1. Re: Browser hijack
          Peter M

          See the last link in my signature below.  try first to use System Restore to go back to before all this started.  Then try the Malwarebytes Free and perhaps McAfee Stinger as well.

          • 2. Re: Browser hijack

            Hi, Peter


            Many thanks for your advice. I'll start working through these processes.


            One question. I read somewhere that malware, of this sort ,could also infect a wifi router. Would I be best to re-configure at a certain stage  in case of further infection  ?


            Best regards.

            • 3. Re: Browser hijack
              Peter M

              I've not heard that myself and am not sure how a router itself could become infected as it doesn't have an operating system per se.   Perhaps use Hijackthis or DDS as suggested near the end of that link and ask on one of the recommended forums along with your log.

              • 4. Re: Browser hijack

                Hi, yes I have had this malware. McAfee does not catch it and neither does Malware Bytes. I had the problem on my home PC, the wifi lap top and the wifi IPAD. The problem was in the router. I reset the router to the factory settings. This is not achieved by just powering off the router, it needs to be reset and there is a small reset hole on my router into which you poke a pen or pencil point. Once the router has been reset you need to re-install the router so make sure you know all the required details before you reset. The problem is that the malware has broken through the password of the router, which is often something very simple such as ADMIN. Mine was BT. Change this password to something more sensible so that the malware does not get through again

                • 5. Re: Browser hijack
                  Peter M

                  Thanks for that information.   Hopefully it will help others.

                  • 6. Re: Browser hijack

                    Thank you both very much.  System restore did not cure problem.


                    I used Stinger and it identified  win32/heur.e!sti  infecting the PC and laptop. It has since removed. Subsequent scans by Stinger comes up clear (on both ).


                    I then used GetSups to scan on just PC. It found one suspicious file. I put in my email address and sent a few days ago and await a reply ( not sure usual timescale for result ).


                    Next day , found Linkbucks had now spread to my Ipod Touch.


                    As Bobbucks suggested, I reset router changing network name and password. I had high hopes that was solution. Alas,  trying PC,  both Chrome and Firefox browsers are still being redirected to Linkbucks.


                    I seem to have a deeper problem, not sure what it is or what my next step should be.

                    • 7. Re: Browser hijack
                      Peter M

                      Follow the Hijackthis or DDS instructions found lower down that last link in my signature below.  One of those specialist forums should be able to offer good advice.


                      As far as the iPad is concerned, if you can't remove Linkbucks by normal means and Apple forums are no help, it may be necessary to reset the iPad.   I trust you have iTunes backups.


                      There are numerous removal guides on the web for Linkbucks.

                      • 8. Re: Browser hijack

                        Hi again,


                        Some progress ( touch wood ).


                        Firstly ,  I tried to download adwcleaner by following your link. Site Advisor appeared with a warning that this was a sus , risky site. I decided not to proceed. There are other sites offering the same tool but most appear to be bundled with other stuff including default search engines. I left that for the moment.


                        Next , I removed the sus file identified by Getsusp ( amazon mp3 downloader ) and rebooted. So far, that seems to have solved the problem.


                        The laptop seems to be a different proposition. Getsups scan comes up all clear. Stinger as well. I'd like to try adwcleaner next. Do I ignore Site Advisor ?  The persistent difficulty for me is that by clicking on links and for downloads, I get re-directed to you know who !   Would it make any difference starting in safe mode ?


                        Best regards.

                        • 9. Re: Browser hijack
                          Peter M

                          adwcleaner?  Never heard of it.  Can you point out where that link happens to be?

                          1 2 Previous Next