Desktop.ini spyware?

Discussion in 'ewido anti-spyware forum' started by wilderfo, Dec 13, 2006.

Thread Status:
Not open for further replies.
  1. wilderfo

    wilderfo Registered Member

    Joined:
    Dec 13, 2006
    Posts:
    1
    hello,

    after opening desktop.ini files in notepad i get the following...

    [.ShellClassInfo]
    FolderType=MusicArtist
    MusicBuyUrl=http://windowsmedia.com/redir/buynow9.asp?providerName=AMG &albumID=001D6543-37D7-42D4-BEF4-E5440BA73AFE&a_id=R%20%20%20786867&al bum=Life%20in%20Slow%20Motion&artistID=8DB179E6-CABD-45F9-9095-77F825F 86DA5&p_id=P%20%20%20%2081729&artist=David%20Gray&locale=409&geoid=f2& version=10.0.0.3646&userlocale=809

    am I right in my assertion that this is accessing the internet.
    it seems to download album art images.

    Is there anyway to stop this?
     
  2. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    I'm not too clear about this, but if destop.ini files are being used to control the contents of files shown in Windows Explorer, and if it is accessing the net to display something, then blocking Explorer.exe from accessing the net through your FW should prevent this.

    I have permanently blocked Explorer.exe from accessing the net because I don't see why it should be allowed to act as a Browser if I don't want it to.

    Also, why not just delete the offending data or file?

    What has this got to do with AVG-AS though!
     
Thread Status:
Not open for further replies.