Not very common type of malware. Some URLs:
http://xxx.com/.../QTYgXYYZ http://yyy.com/../../QTYgXYYZ .. a few more..
Those are often used to redirect the browser to SEO spam sites via a TDS. However, since this is a generic rule, the malware can change from site to site.
Affecting: Any web site (no specific target).
Clean up: Nothing specific.
Last update: Oct/2012