Does avast shields flag this and does it know of the root of the trouble?

Hi my good forum friends,

While I was abroad an interesting discussion went on on the NoScript support forum, where polonus is active under the nick “luntrus”. Re: http://forums.informaction.com/ucp.php?i=pm&mode=view&f=0&p=1129

Read this quite interesting and extensive thread about this online webscript-threat through the link I provided. But more important is my question: "Does avast shields alert this, where does this come from or put in another way: “Wat lies at the root of the trouble here?”

polonus

Hi Polonus,

Is that the right link? It takes me to a login page for the user control panel…

-Scott-

either that (wrong link) or you have to login to see that page…

Hi malware fighting friends,

Sorry, here is the right link, and bite your teeth into this one:
http://forums.informaction.com/viewtopic.php?f=7&t=3005

Very curious as to your comments,

pol

I didn’t have time to read the entire thing, but from what I saw, Firefox is basically sending info to innoshot.com without the user’s knowledge when they use one of the popular search engines. Am I right?

I didn’t look to see if it was a particular add-on, I figured that if it was, they thread would be talking more about it, rather than FF itself.

Well, at least no-script is blocking it (I think), and until they figure it out, use chrome or another browser…

Hi scythe944,

A way to do a hidden redirect through the POST method is to create a hidden input element, use then JS to change the hidden element value and submit the form.
e.g. something like should work, however I have not tested it. If you’re familiar with JS you will figure it out.


fucntion sendByPost(hiddenField)
{
var = myvalue;
var myHiddenfield = document.getElementById(hiddenfield);
myHiddenfield.value = myvalue;
document.form.submit();
}

You could see there are actual scenario’s to do this, also with AJAX,

polonus