Fixed: Alexa related? False positive?

Chainsaw

New member
Spbot 1.6, Win2Kpro - no evidence of malware, no computer problems (the end of a long cleanup of a recently purchased machine).

I've read a bunch of alexa-related threads, and there clearly IS a problem with Alexa, but I don't have it, nor AFAIK any signs of it.

Spybot flags my "related.htm" as "alexa related". The contents look like

<script>
//Build the query
userURL=external.menuArguments.location.href;
RelatedServiceURL="http://www.google.com/ie?as_rq=";

//Perform simple check for Intranet URLs
//this is where the http or https will be, as found by searching for :// but skip res:
protocolIndex=userURL.indexOf("://",4);
serverIndex=userURL.indexOf("/",protocolIndex + 3);
urlresult=userURL.substring(0,serverIndex);

//Check if Intranet URL - then open search bar

if (urlresult.indexOf(".",0) < 1) userURL="Intranet URL";
finalURL = RelatedServiceURL + encodeURIComponent(userURL);
external.menuArguments.open(finalURL, "_search");
</script>

So why is it a security risk? Am I missing some detail because I don't actually USE IE?

And if I wish IE to search using Google instead of MSN search, what is the correct way to get Spybot to acknowledge it? Do I have to file it as an individual exclusion? And will this prevent Spybot from detecting if it is altered later by malware to something other than google?
 
hello,

thank you for reporting this issue. Spybot S&D was supposed to only find the file if it has been tempered by Alexa. Thus this will be confirmed as a false positive and fixed with the next update scheduled for next Wednesday.
 
Back
Top