[Full-Disclosure] Mystery DNS Changes
Nick FitzGerald
nick at virus-l.demon.co.uk
Sat Oct 4 07:03:29 BST 2003
"Mike O'Connor" <oconnor123 at sympatico.ca> wrote:
> I have the described behaviour when visiting google.com, but have
> neither the aolfix.exe ...
Perhaps because it deletes itself after making the changes, as
mentioned in several online virus descriptions?
> ... nor registry entries, on my XP box. Where would
> one find the registry entry for the current DNS(s)?
I makes both registry and HOSTS fiel changes. The "google.com effect"
you refer to is part of the latter.
--
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854
Full-Disclosure is hosted and sponsored by Secunia.