Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Dangerous Urls


  • Please log in to reply
No replies to this topic

#1 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,568 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:09:38 PM

Posted 21 December 2005 - 02:21 PM

I got surprised by this.
Hitting any of these urls (which I edited by adding spaces so they won't now work) installs URL redirecting, and some sort of spyware, which McAffee on-access scan at the office catches. Under HJT it comes out in O16 section.

Here are the 3 quotes from search returns while googling

Removing 'Your personal pages' website [Archive] - MajorGeeks ...
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) -
file://C:\TempEI4\EI40_\msxml4.cab (file://C:TempEI4EI40_msxml4.cab) ...
forum. majorgeeks. com/archive/index. php/t-33461.html - 12k - Cached - Similar pages

Designtechnica Forums - windowws hijack-er
O15 - Trusted Zone: *.greg-search.com O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5}
(XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab ...
forums. designtechnica. com/archive/index.php/t-5285.html - 20k - Cached - Similar pages

Designtechnica Forums - Help.
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) -
file://C:\TempEI4\EI40_\msxml4.cab O17 - HKLM\System\CCS\Services\Tcpip\. ...
forums. designtechnica.com/archive/index.php/t-6038.html - 12k - Cached - Similar pages
[ More results from forums.designtechnica.com ]


WHY?????


EDITED: I think it happened when we clicked "Cached" not the direct URL

Edited by tos226, 21 December 2005 - 02:33 PM.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users