Hi stevecobb,
Here is information about this malware:
http://www.microsoft.com/security/portal/Entry.aspx?Name=Trojan:JS/Redirector.HIn general about these SQL-injecting threats read:
http://blogs.technet.com/antimalware/A list of compromised sites you can find here:
http://www.shadowserver.org/wiki/Sites that were infected with JS-redirector-H:
Domain
nihaorr1.com
free.hostpinoy.info
xprmn4u.info
nmidahena.com
winzipices.cn
sb.5252.ws
aspder.com
11910.net
bbs.jueduizuan.com
bluell.cn
2117966.net
s.see9.us
xvgaoke.cn
1.hao929.cn
414151.com
cc.18dd.net
yl18.net
kisswow.com.cn
urkb.net
c.uc8010.com
rnmb.net
ririwow.cn
killwow1.cn
qiqigm.com
wowgm1.cn
wowyeye.cn
9i5t.cn
computershello.cn
z008.net
b15.3322.org
direct84.com
caocaowow.cn
qiuxuegm.com
firestnamestea.cn
a.ka47.us
a188.ws
qiqi111.cn
Approximate # of
Pages Injected between ranking between 440,000 and 230
What to do?
Empty the temporary java cache. [Located in the java console].
Here are the instructions on how to manually remove these malicious applets from the JRE cache directory:
From the Start button, click Settings > Control Panel
In the Control Panel, open the "Java Plug-in Control Panel"
Select the Cache Tab
Click the Clear button inside the Cache Tab, which will clear your JRE cache directory
pictures:
http://www.dslreports.com/forum/remark,13803204To verify current version of Java installed use this tool: »www.java.com/en/download/installed.jsp
polonus